I doubt if malware running at root level can do more harm than running Windows at user level.
Millions of Windows Dell PCs need patching: Give-me-admin security gremlin found lurking in bundled support tool
Dell's troubleshooting software SupportAssist, bundled with the US tech titan's home and business computers, has a security flaw that can be exploited by malware and rogue logged-in users to gain administrator powers. The Texan system slinger today issued an advisory warning that its PC repair tool suffers a privilege- …
COMMENTS
-
-
-
Friday 21st June 2019 06:30 GMT NATTtrash
Re: Please Stop!
We can assume that all Dell PCs that run the Windows operating system without changes from the manufacturer are vulnerable, as long as the user didn't update," said Hadar.
Who's build of the an O/S do you consider to be clean?
Well, we got a couple of Dells here, but they are pretty clean...
sudo dd if=/dev/zero...
-
-
-
Friday 21st June 2019 08:57 GMT Gritpype Thynne
Re: What does Support Assist actually do?
You forgot to include "properly" in the question.
I have left it installed because I have a feeling I am going to be making a warranty service call to them, but I'm not sure if it causes more problems than solves.
I just fired it up to check the version - V3.2.2 already, it proclaims. And then pops up a window "please tick the box to enable automatic updates". My options are enable automatic updates or kill the program. I've not seen that before, and I have run it once or twice. So I eventually give up and enable auto-updates and it goes off and does an update ... to v3.2.2. That's what it said it was already.
I think the other thing it does is check for various updates and pop up notifications about necessary/available ones. For example this time it said there were 8 Dell updates available. When you select the "click here for details" the notification vanishes, along with the OK button to do the updates. And they don't come back until some time later when the number increases. I once clicked on the OK button when there were 4 updates and nothing apparently happened.
Whenever I have used the "check for updates" button in the past when the notification said there were 4 or 5, the support assistant said there were none.
And then there was the other app that said "you need to install support assistant, let me help"...ok...goes away and thinks for a while..."support assistant already installed"... next... "you need to install support assistant, let me help". Not likely.
-
Friday 21st June 2019 10:04 GMT Fading
Re: What does Support Assist actually do?
I wouldn't rely on Support assist to install the driver updates - pop over to the dell site and download the ones you need. Recently, there have been quite a few BIOS updates for intel based machines as well as some intel chipset updates that are important from a security point of view. Deciding to have this installed just to remind you to pop to the dell website periodically is probably not the best use of resources though.
-
-
-
-
Friday 21st June 2019 08:26 GMT Anonymous Coward
Re: Simples...
Same, even 10 + years ago we'd make a clean build for Dells and use drivers which were either not from the Dell site or had been cleaned of addon utilities we didn't need. Dell were really bad for bloating stuff, seems things haven't improved.
We always said that if a tool hadn't been researched for a purpose we weren't installing it. Didn't matter if it was free or paid for, it didn't go on unless we had considered long term support of it.
-
Friday 21st June 2019 08:51 GMT }{amis}{
Dell were really bad for bloating stuff
Tell me about it I had to swap about a pallet full of motherboards over when they had the capacitor bloating issue!
https://www.theguardian.com/technology/blog/2010/jun/29/dell-problems-capacitors
-
-
-
Friday 21st June 2019 10:50 GMT Anonymous Coward
loading untrustworthy code without appropriate checks?
"malware or dodgy users can leave their own .dll files in a path, wait for SupportAssist to blindly load them, and thus execute code within an admin context."
I had assumed that kind of thing stopped being fashionable years ago. Oh well.
"Dell is not alone in shipping PCs with this particular flaw."
Might these be related?
https://support.hp.com/gb-en/document/c06242762
CVE-2018-5927
"HP Support Assistant before 8.7.50.3 allows an unauthorized person with local access to load arbitrary code."
(etc)