Owners of Dell laptops might want to dust off the company’s bundled software update tool. There’s a critical update addressing a flaw that could allow an attacker to take over your system simply by sending you to a compromised website. Amusingly, the bug is in Dell’s own remote support tool that is supposed to help the company fix your laptop. In this case, it’s breaking things. That’s only slightly less bizarre than Asus pushing malware with its support tools.
Dell’s “SupportAssist” software handles debugging, diagnostics, and driver updates for the company’s computers. However, a 17-year-old security researcher Bill Demirkapi recently reported to dell that SupportAssist also came with a vulnerability that opened the door to so-called remote code execution attacks. This is one of the most serious classes of flaws as it allows the attacker to install almost anything they want on your computer. Dell pre-installs SupportAssist on practically every laptop and desktop computer it sells to consumers. That could mean millions of potentially affected systems.
There is at least a shred of good news. Your system is only vulnerable if the attacker is on the same local network where they can use ARP Spoofing. That’s not exactly an insurmountable task. Public Wi-Fi networks are a prime target, as are large corporate networks where someone can quietly plug in and launch an attack. A remote attacker may also be able to fool the SupportAssist tool by compromising a user’s router.
Dell issued the patch on April 23, but many users are probably conditioned to ignore popups and alerts from Dell’s bundled software — it’s usually not important. This is one of those times when you really need to update, though.
To its credit, Dell responded to the report by Demirkapi and took quick action to patch the vulnerability. SupportAssist v18.104.22.168 is available as a direct download on Dell’s site as well as a push installation via the company’s bundled software.