Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Security Bug

Dell Laptops and PCs Vulnerable To Remote Hijacks (zdnet.com) 70

A vulnerability in the Dell SupportAssist utility exposes Dell laptops and personal computers to a remote attack that can allow hackers to execute code with admin privileges on devices using an older version of this tool and take over users' systems. From a report: Dell has released a patch for this security flaw on April 23; however, many users are likely to remain vulnerable unless they've already updated the tool -- which is used for debugging, diagnostics, and Dell drivers auto-updates. The number of impacted users is believed to be very high, as the SupportAssist tool is one of the apps that Dell will pre-install on all Dell laptops and computers the company ships with a running Windows OS (systems sold without an OS are not impacted). According to Bill Demirkapi, a 17-year-old security researcher from the US, the Dell SupportAssist app is vulnerable to a "remote code execution" vulnerability that under certain circumstances can allow attackers an easy way to hijack Dell systems.
This discussion has been archived. No new comments can be posted.

Dell Laptops and PCs Vulnerable To Remote Hijacks

Comments Filter:
  • by Anonymous Coward on Thursday May 02, 2019 @09:43PM (#58531422)

    "The attack relies on luring users on a malicious web page, where JavaScript code can trick the Dell SupportAssist tool into downloading and running files from an attacker-controlled location."

    AND

    "The attacker needs to be on the victim's network in order to perform an ARP Spoofing Attack and a DNS Spoofing Attack on the victim's machine in order to achieve remote code execution"

    • by Anonymous Coward

      So a compromized router becomes a backdoor into every machine?...

      I see you're minimizing the attack here, but these backdoors have long been an issue.... HP, and Dell putting in remote assistance as default regardless of whether you're contracted in, is no different than Huawai having a backdoor support mechanism.

      A compromised router is the norm these days, all of the big ISPs have their backdoor accounts to maintain their routers.

    • by fluke11 ( 1160111 ) on Friday May 03, 2019 @12:13AM (#58531696)

      All the prerequisites for performing the attack is had by anyone capable of creating an IoT botnet.

      Do you know anyone with a Dell and any of the following:

      • An access point with a known vulnerability or zero day exploit
      • A PS4 or Xbox One with the Marvell Avastar 88W8897
      • A Microsoft Surface laptop
      • A Samsung Chromebook
      • A smart tv with a known vulnerability
      • List goes on

      How many people do you know put their IoT device on a completely different VLAN or guest network than they connect their Dell to?

      Several IoT device have apps for Windows that only work if both the IoT device and laptop are on the same network.

      Attack requiring local network access does not provide the level of protection that you seem to think it does. This is also an unwarranted risk.

      What is really upsetting is Dell has been warned about this type of issue with their updaters [duo.com] before. Previous to that warning, Jeff Clarke promised [youtube.com] Dell would put their full attention to prevent these type of security issues with their pre-installed software in the future.

      While Dell has stated they will be more proactive about their security policies, the truth is they keep performing the same mistakes over and over again resulting in reactionary after the fact fixes such as this one.

    • by Bert64 ( 520050 )

      How many laptops do Dell sell?
      How many of these laptops are carried around and connected to public wifi networks?
      Quite easy to perform this kind of attack if both you and the victim are connected to the same wifi...

    • by AmiMoJo ( 196126 )

      You are missing the point. Huawei is run by an authoritarian government and all bugs are deliberate backdoors designed to steal Western trade secrets! Buying a Huawei is basically inviting the Chinese Communist Part into your business!

      Oh wait, it's Dell... Well, I guess we better ban US products too.

    • Also, the FIRST thing you should do with a new Dell desktop/laptop is to format and install a clean copy of the operating system of your choice. The hardware is good (at least on Brazil) but the bundled software is crappy/useless.
    • All of which can be done pretty easily with a fake hotspot.

    • Is this attack on just Windows, or everything else? Like this Dell I'm using, I replaced Windows years ago w/ PC-BSD/TrueOS, so are the attacks truly portable?
  • So, wait (Score:5, Funny)

    by Anonymous Coward on Thursday May 02, 2019 @09:48PM (#58531424)

    To do this, you have to be on the local network and trick the person into visiting a specially crafted web page?

    At that point it would be a shitton easier to just beat the nerd up and get his password, which is probably Anime11 anyway

  • by Anonymous Coward

    oh.. it's not a Chinese company. Nothing to see here.

  • by Anonymous Coward

    into "Dell inserted back doors into computer equipment for years" the way we do when a security vulnerability is found in Huawei equipment? Is it possible that the government and media is working very hard at making _foreign_ manufacturers of computer equipment seem dangerous and bad? Could it be that there is a lot of lying and false accusations?

  • Equals remote backdoor. It's that simple.

    BTW, I run Linux (Mint) on my Dell Precision m4800 connected to a 34" ultrawide monitor : in addition to be safe from this kind of stuff, my machine is REALLY fast even if I bought it in october 2014 (I'm a software engineer/developer using Java mostly, Docker, a VM with "vanilla" Windows 7 if my client required it, ...).

    I don't know what will be my next laptop (tired reading about all backdoor install by all major laptop vendor). I can't buy a System76, Purism Libre

    • Re: (Score:1, Funny)

      It's ok, you have universal healthcare up there. Just explain why they're gone, get in line, and you'll get some replacements legs soon. To upgrade to Bear Arms, though, you may have to travel to America and pay extra.

  • From TFA:

    ATTACK REQUIRES LAN/ROUTER COMPROMISE

    Can we just stop with the hype over attacks that require something else be compromised first?

    Just silly. In this day and age, everyone has a router (firewall) between their machine and the world. If you gotta break that to break something else, I think that something else is probably not an issue.

    Just stop. Find some real security issues.

  • Our organization switched to using Dell's Command | Update and off of SupportAssist some time ago. I believe the latter is a legacy tool, so you may want to choose to stop using it also. Command | Update handles BIOS and other driver updates more seamlessly thatn SupportAssist did, is faster and easier to use, and seems like a more modern tool.
  • I have two, the first time I turned them on, I had linux mint in the drive to install :-)

C'est magnifique, mais ce n'est pas l'Informatique. -- Bosquet [on seeing the IBM 4341]

Working...