Researchers from security company SafeBreach have warned that a flaw in Dell’s troubleshooting software, SupportAssist, has left “millions” of users vulnerable to having their computer remotely taken over by attackers.
“According to Dell's website, SupportAssist is preinstalled on most Dell devices running Windows,” the researchers noted in an advisory. “This means that as long as the software is not patched, the vulnerability affects millions of Dell PC users.”
The flaw, which is rated “high-severity,” lets hackers replace harmless DLL files loaded during PC-Doctor Toolbox diagnostic scans with DLLs that carry a malicious payload. Affected products include Dell SupportAssist for Business PCs version 2.0 and Dell SupportAssist for Home PCs version 3.2.1 and all prior versions.
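A defender-side triage of image-load telemetry for the DLL-replacement scenario described above, as an added example that is not part of the article or of Dell's or PC-Doctor's software: it flags DLLs that the diagnostic scan process loaded from outside its trusted install and system directories, or that are unsigned. The process name, vendor directory and event records are constructed placeholders, not values from the advisory.

```python
from dataclasses import dataclass
from pathlib import PureWindowsPath

# Hypothetical placeholders: the scan process name and its install
# directory are assumptions for this example, not taken from the article.
SCAN_PROCESS = "diagnostic_scan.exe"
TRUSTED_DIRS = (
    PureWindowsPath(r"C:\Windows\System32"),
    PureWindowsPath(r"C:\Program Files\ExampleVendor\Diagnostics"),
)


@dataclass(frozen=True)
class ImageLoad:
    """Subset of a Sysmon Event ID 7 (image loaded) record."""
    process: str   # image name of the loading process
    image: str     # full path of the DLL that was mapped
    signed: bool   # whether the DLL carried a valid Authenticode signature


def is_trusted_location(image: str) -> bool:
    """True if the DLL sits under one of the expected directories.

    PureWindowsPath compares case-insensitively, so C:\\WINDOWS matches.
    """
    path = PureWindowsPath(image)
    return any(trusted in path.parents for trusted in TRUSTED_DIRS)


def find_suspicious_loads(events):
    """Return (dll_path, reason) for loads by the scan process that look
    like search-order hijacking: untrusted directory and/or unsigned."""
    findings = []
    for ev in events:
        if ev.process.lower() != SCAN_PROCESS:
            continue
        reasons = []
        if not is_trusted_location(ev.image):
            reasons.append("loaded from outside trusted directories")
        if not ev.signed:
            reasons.append("unsigned")
        if reasons:
            findings.append((ev.image, "; ".join(reasons)))
    return findings


# Constructed sample telemetry: one benign system DLL, one vendor DLL,
# one same-named DLL planted in a user-writable folder, one unrelated process.
CONSTRUCTED_EVENTS = [
    ImageLoad(SCAN_PROCESS, r"C:\Windows\System32\kernel32.dll", True),
    ImageLoad(SCAN_PROCESS, r"C:\Program Files\ExampleVendor\Diagnostics\helper.dll", True),
    ImageLoad(SCAN_PROCESS, r"C:\Users\Public\Documents\helper.dll", False),
    ImageLoad("notepad.exe", r"C:\Users\alice\AppData\Local\Temp\x.dll", False),
]
```

Running `find_suspicious_loads(CONSTRUCTED_EVENTS)` reports only the copy of `helper.dll` loaded from the user-writable Public folder, which is the load a patched SupportAssist should no longer perform.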
Gives hackers system-level access
The vulnerability was first reported to Dell on April 29, and Dell deployed a fix for CVE-2019-12280 in late May. In a recent statement, the company said "more than 90 percent of customers have downloaded the update and are no longer at risk."
However, unpatched systems are still vulnerable to privilege escalation attacks. Dell recommends that all owners of Dell computers running the Dell SupportAssist software update to the latest version right away if they haven’t already done so, or if they don’t have automatic updates enabled.
Dell SupportAssist for Business PCs version 2.0 and Dell SupportAssist for Home PCs version 3.2.2 contain a fix for the vulnerability.