LASER_oneXM

Level 36
Verified
... ...
Could be used in binary planting attacks

As explained by Dell in its advisory, "A locally authenticated low privileged user could exploit this vulnerability to cause the loading of arbitrary DLLs by the SupportAssist binaries, resulting in the privileged execution of arbitrary code."

This uncontrolled search path vulnerability reported by Cyberark's Eran Shimony is tracked as CVE-2020-5316, comes with a high severity CVSSv3 base score of 7.8, and it affects the following Dell SupportAssist versions:

• Dell SupportAssist for business PCs version 2.1.3 or earlier
• Dell SupportAssist for home PCs version 3.4 or earlier.

The company released Dell SupportAssist version 2.1.4 for business PCs and Dell SupportAssist version 3.4.1 for home PCs with fixes for the vulnerability.

Dell advises all customers to update the Dell SupportAssist software on their computers 'at the earliest opportunity,' seeing that all unpatched versions are vulnerable to attacks. If exploited, this vulnerability allows attackers to load and execute malicious payloads within the context of SupportAssist's binaries on unpatched machines.
... ...
 
dell has always not followed best security practices by allowing its various "dell enhancement" software that rely upon the various Windows interpreters to do the work

this is different though as it is a DLL exploit
 

upnorth

Level 42
Verified
Trusted
Content Creator
Malware Hunter
The main idea behind this types of support tools ain't wrong IMO. It's just that it constant gets reported. The Never Ending Story!? :rolleyes:

Personal I always rips out this kind of software either it's a Dell, HP or Lenovo. Surprise surprise when the machine works better then almost ever.
 

upnorth

Level 42
Verified
Trusted
Content Creator
Malware Hunter
Very good question as not all software is automatic Evil and must be cast back to hell, but some is. Please create a restore point and a backup with Macrium Reflect first, as I saw that available in your Computer configuration.

If you are 100% sure that you don't use and don't need the Dell Support Assist software, that's a good start. Even Dells Backup and Recovery seems and feels redundant as you already have Macrium.
 
Last edited:

upnorth

Level 42
Verified
Trusted
Content Creator
Malware Hunter
Another(very good;)) question, do you think that if necessary I can reinstall it in the future ?
Sure, if you actually feel and think it would come in handy anytime in the future. Dell of course got a page for it. I changed the link language so it will be easier for you to read. Just save it as a bookmark, either in your browser or this post here directly on MT.
 

JB007

Level 20
Verified
Sure, if you actually feel and think it would come in handy anytime in the future. Dell of course got a page for it. I changed the link language so it will be easier for you to read. Just save it as a bookmark, either in your browser or this post here directly on MT.
Thanks @upnorth
I have bookmarked your post (y)
 
Top