Dell Says Millions of PCs at Risk Due to Critical Flaw in SupportAssist Tool; Fix Issued

Dell has already released a patch for the vulnerability.

Advertisement
By Tasneem Akolawala | Updated: 21 June 2019 18:41 IST
Highlights
  • The problem lies in the PC-Doctor component of SupportAssist app
  • Dell has issued an update for SupportAssist tool with the fix
  • Users are advised to update the tool immediately
Dell Says Millions of PCs at Risk Due to Critical Flaw in SupportAssist Tool; Fix Issued

Dell PCs are at risk of remote attack due to newly discovered bug

A new vulnerability has been discovered in Dell computers that have left millions of systems at risk of a privilege-escalation attack. Dell has released a security advisory warning for all of its consumers to update their laptops and PCs to patch the said vulnerability. The flaw was once agani found in the SupportAssist tool that is bundled with every Dell computer, and this vulnerability was first spotted by SafeBreach. The CVE-2019-12280 vulnerability exists in SupportAssist app for business v2.0 and home PCs v 3.2.1 and prior.

As mentioned, SafeBreach was the one that discovered the flaw and reported this vulnerability. It allows hackers to take over the machine and read the physical memory stored onboard. The problem lies in the SupportAssist tool that is bundled with nearly every Dell computer. The vulnerability lies in the PC-Doctor component. SafeBreach warns that it is possible to "exploit this vulnerability in order to load an arbitrary unsigned DLL into a service that runs as SYSTEM, achieving privilege escalation and persistence". The firm notes that there could well be over 100 million Dell systems that may be affected. Notably, this is the second major vulnerability in the SupportAssist tool found in 2019, with another reported in March.

Dell has already issued an update and "recommends all customers to update at the earliest opportunity." If auto-update is enabled, then the company should have already updated SupportAssist for Business PCs and SupportAssist for Home PCs automatically. However, a whole step-by-step guide can also be found on its security advisory page.

The company further told Tom's Guide, “Dell SupportAssist is not made by PC-Doctor. The vulnerability discovered by SafeBreach is a PC-Doctor vulnerability, which is a third-party component that ships with Dell SupportAssist for PCs. More than 90 percent of customers to date have received the update, released on May 28, 2019, and are no longer at risk. Dell SupportAssist updates automatically if automatic updates are enabled, and most customers have automatic updates turned on.”

Advertisement

All Dell PC and laptop users are advised to check if they are updated to the latest version of SupportAssist. You need to be on Dell SupportAssist for Business PCs version 2.0.1 or Dell SupportAssist for Home PCs version 3.2.2 to ensure that you are safe from any unwanted attacks.

Post your comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Dell, SupportAssist, SafeeBreach
Apple AirPort Wireless Routers Get Security Firmware Update: How to Download and Install
Microsoft to Launch Just One Next-Gen Xbox Console - Project Scarlett, Quietly Cancels Affordable Variant: Report
Advertisement

Related Stories

Tech News in Hindi »

More Technology News in Hindi »
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. OnePlus 13s Price in India Leaked Ahead of Launch on June 5
  2. Vivo S30, Vivo S30 Pro Mini Launched With 50-Megapixel Selfie Camera
  3. Realme Neo 7 Turbo With 7,200mAh Battery Goes Official; All Specifications
  4. Tecno Pova Curve 5G Launched in India With This Price Tag
  5. Nothing Phone 3 to Drop Signature Glyph Interface in Major Design Shift
  6. Motorola Launches G86, G86 Power, and G56 With These Specifications
  7. Motorola Edge 60 Fusion Review
  8. Lava Bold N1, Lava Bold N1 Pro Debut in India With Budget Price Tags
  9. Samsung Galaxy Z Fold 7, Z Flip 7 to Debut With Android 16-Based One UI 8
#Latest Stories
  1. Reliance Jio Leads April Subscriber Gains, BSNL Loses 1.8 Million Active Subscribers: TRAI Data
  2. Vivo Pad 5 With MediaTek Dimensity 9300+ Chipset, 10,000mAh Battery Launched: Price, Specifications
  3. Motorola G86 and G86 Power With Dimensity 7300 Chipsets Launched Alongside Motorola G56
  4. Nothing Phone 3 Teased to Drop Signature Glyph Interface in Major Design Shift
  5. MIT Study Reveals Why Roman Concrete Lasts Thousands of Years
  6. New Study Confirms Venus Is Still Geologically Active
  7. New Analysis Weakens Claims of Life on Distant Exoplanet K2-18b
  8. Viking Trade Routes More Expansive Than Thought, Finds Swedish Archaeologist After 5000 km Expedition
  9. China Launches AI-Powered Satellite Constellation to Build Space Supercomputer
  10. China and Russia Sign Deal to Build Lunar Nuclear Power Plant by 2036
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.