A security flaw in the DellSupportAssist that comes preinstalled on all Dell computers could allow a remote hijack of your computer. The attack exposes a vulnerability DellSupportAssist has with remote code execution.
How the remote hijack works
A Dell computer user would have to go to a web page where the attackers would place compromised Javascript. The Javascript can trick the DellSupportAssist into thinking Dell is trying to remote into the computer to fix a problem. The attacker has to be on your same network to then take control of your computer. Attacks on home computers are unlikely (unless other computers are already compromised). Attacks emanating from public wifi (coffee shops, large public venues), hotels and on corporate networks are much more likely.
Proof of concept attack already published
A proof of concept showing how to implement the attack was published on Github several days ago. The attack and vulnerability, called
CVE-2019-3719, is already live and can now be reproduced by anyone.
What Dell Computers are affected?
All recent and old Dell computers that have not disabled the built in DellSupportAssist are vulnerable to this attack. Dell is working on a security patch / update for DellSupportAssist but we would recommend that you disable the DellSupportAssist service for now.
If you have a Dell computer and would like to have a professional computer service company verify your system is secure, call us at 1-800-620-5285. Karls Technology is a nationwide computer service company with offices in many major cities. This blog post is brought to you from our staff at the Lakewood Computer Repair Service, if you need computer repair in Lakewood, CO please call the local office at (720) 441-6460.