If you own a Dell laptop023 Archivesdesktop then there's a very good chance your machine is vulnerable to attack simply by visiting a malicious website. The good news is, Dell has released a patch to close the security hole.
As ZDNet reports, 17-year-old security researcher Bill Demirkapi discovered a vulnerability (CVE-2019-3719) in the Dell SupportAssist utility which allows an attacker to remote execute code. This is achieved by getting a user to visit a specific website containing JavaScript code capable of tricking the SupportAssist app into downloading and running malicious files (with full admin rights). Importantly, no user interaction is required once the website has been visited and the JavaScript can be hidden inside an ad on a legitimate website.
Here's the remote code execution in action as recorded by Demirkapi:
Dell uses SupportAssist to pro-actively check the health of your hardware and software and then automatically updates each system as necessary. As you've probably guessed, it's a piece of software that gets pre-installed on most new Dell systems, meaning there's a lot of users out there potentially vulnerable to this attack.
Dell has known about the vulnerability since Oct. 26 last year and a patched version of SupportAssist (v3.2.0.90) is now available which closes the security hole. If you own a Dell which has SupportAssist installed, download and install the new version as soon as possible to protect your system.
Topics Cybersecurity Dell
(Editor: {typename type="name"/})
Today's Hurdle hints and answers for May 5, 2025
Why Upgrading a Gaming PC Right Now is Almost Pointless
TikTok trend features women protecting soft
Monterrey vs. Inter Milan 2025 livestream: Watch Club World Cup for free
Virtual Reality: The True Cost of Admission (and Why It Doesn't Matter)
Best robot vacuum deal: Save $200 on Eufy X10 Pro Omni robot vacuum
Save $200: As of May 16, the Eufy X10 Pro Omni robot vacuum is on sale for $699.99 at Amazon. That's
...[Details]
Curacao vs. El Salvador 2025 livestream: Watch Concacaf Gold Cup for free
TL;DR:Live stream Curacao vs. El Salvador in the 2025 Concacaf Gold Cup for free on YouTube. Access
...[Details]
A Chat With Video Game Composer Christopher Tin
As part of our ongoing series that reviews the history of popular game franchises, TechSpot ran down
...[Details]
Can DLSS Render Better Than Native Graphics?
Over the past few weeks we've been looking at DLSS 2 and FSR 2 to determine which upscaling technolo
...[Details]
Predicting the future is more art than science, yet it's always an interesting exercise to engage in
...[Details]
Wordle today: The answer and hints for June 17, 2025
Can't get enough of Wordle? Try Mashable's free version now O
...[Details]
27 Years of Tomb Raider & Lara Croft
Few video game characters have become more famous than the games that featured them. Lara Croft is o
...[Details]
S3 Graphics: Gone But Not Forgotten
These days, it's rare to see a new hardware company break ground in the world of PCs. However, 30 ye
...[Details]
Arthur Goldhammer ,May 8, 2017 Robin Trium
...[Details]
"Just one more turn," an expression that's become synonymous with the game Civilization. It's a feel
...[Details]
Skype is finally shutting down
Ulsan HD vs. Mamelodi Sundowns 2025 livestream: Watch Club World Cup for free
接受PR>=1、BR>=1,流量相当,内容相关类链接。