
douglas9

(4,474 posts)
Sat Jun 22, 2019, 08:46 AM

Millions of Dell PCs Vulnerable to Flaw in Third-Party Component

Millions of PCs made by Dell and other OEMs are vulnerable to a flaw stemming from a component in pre-installed SupportAssist software. The flaw could enable a remote attacker to completely take over affected devices.

The high-severity vulnerability (CVE-2019-12280) stems from a component in SupportAssist, a proactive monitoring software pre-installed on PCs with automatic failure detection and notifications for Dell devices. That component is made by a company called PC-Doctor, which develops hardware-diagnostic software for various PC and laptop original equipment manufacturers (OEMs).

“According to Dell’s website, SupportAssist is preinstalled on most of Dell devices running Windows, which means that as long as the software is not patched, this vulnerability probably affects many Dell users,” Peleg Hadar, security researcher with SafeBreach Labs – who discovered the breach – said in a Friday analysis.

https://threatpost.com/millions-of-dell-pcs-vulnerable-to-flaw-in-third-party-component/145833/


Eugene

(62,638 posts)
1. Not just Dell. This flaw may be in hundreds of millions of PCs.
Sun Jun 23, 2019, 01:26 PM

Source: Forbes

Jun 22, 2019, 06:30pm

Warning Issued For Millions Of Microsoft Windows 10 Users

Gordon Kelly Senior Contributor

Windows 10 has enough problems to deal with right now. But Microsoft’s partners just made things a lot worse.

Picked up by Gizmodo, acclaimed Californian security company SafeBreach has revealed that software pre-installed on PCs has left “millions” of users exposed to hackers. Moreover, that estimate is conservative with the number realistically set to be hundreds of millions.

The flaw lies in PC-Doctor Toolbox, systems analysis software which is rebadged and pre-installed on PCs made by some of the world’s biggest computer retailers, including Dell, its Alienware gaming brand, Staples and Corsair. Dell alone shipped almost 60M PCs last year and the company states PC-Doctor Toolbox (which it rebrands as part of ‘SupportAssist’) was pre-installed on “most” of them.


What SafeBreach has discovered is a high-severity flaw which allows attackers to swap-out harmless DLL files loaded during Toolbox diagnostic scans with DLLs containing a malicious payload. The injection of this code impacts both Windows 10 business and home PCs and enables hackers to gain complete control of your computer.

-snip-


Read more: https://www.forbes.com/sites/gordonkelly/2019/06/22/microsoft-windows-10-problem-warning-dell-diagnostics-security-upgrade-windows/#147022a63f28

Brainfodder

(7,181 posts)
2. Concerned Windows users do this:
Tue Jun 25, 2019, 02:55 PM

Look for: (in bold)

The flaw lies in PC-Doctor Toolbox, systems analysis software which is rebadged and pre-installed on PCs made by some of the world’s biggest computer retailers, including Dell, its Alienware gaming brand, Staples and Corsair. Dell alone shipped almost 60M PCs last year and the company states PC-Doctor Toolbox (which it rebrands as part of ‘SupportAssist’) was pre-installed on “most” of them.

Using the search box within Windows 10, if you have it installed, should probably find it.

I build my own system, so I don't have pre-installed squatters when I start a new system except the ones already inside Windows 10.

How to be rid of it, there are likely already plenty of web sites with details, go look for it?
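
Added example, not part of any post in this thread: a PowerShell check that goes beyond the Windows search box suggested in reply #2 by listing installed programs and services whose names contain SupportAssist or PC-Doctor. The name patterns are assumptions based on the product names mentioned above; compare any version it reports against the vendor's advisory for CVE-2019-12280.

```powershell
# Added example: inventory the pre-installed diagnostics software named in this thread.
# Assumption: the installed display name contains one of these strings.
$namePattern = 'SupportAssist|PC-Doctor'

# Standard uninstall registry keys: per-machine (64-bit and 32-bit view) and per-user.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# Installed programs whose display name matches the pattern.
$installed = foreach ($key in $uninstallKeys) {
    Get-ItemProperty -Path $key -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -match $namePattern } |
        Select-Object DisplayName, DisplayVersion, Publisher, InstallLocation
}

# Services whose name, display name or binary path matches the pattern.
# StartName shows the account each service runs as.
$services = Get-CimInstance -ClassName Win32_Service |
    Where-Object { "$($_.Name) $($_.DisplayName) $($_.PathName)" -match $namePattern } |
    Select-Object Name, DisplayName, State, StartName, PathName

if (-not $installed -and -not $services) {
    Write-Output 'No SupportAssist or PC-Doctor entries found.'
} else {
    $installed | Sort-Object DisplayName -Unique | Format-Table -AutoSize -Wrap
    $services | Format-Table -AutoSize -Wrap
}
```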
