时间:2025-04-26 20:28:59 来源:网络整理编辑:綜合
If you own a Dell laptop or desktop then there's a very good chance your machine is vulnerable to at
If you own a Dell laptop or desktop then there's a very good chance your machine is vulnerable to attack simply by visiting a malicious website. The good news is, Dell has released a patch to close the security hole.
As ZDNet reports, 17-year-old security researcher Bill Demirkapi discovered a vulnerability (CVE-2019-3719) in the Dell SupportAssist utility which allows an attacker to remote execute code. This is achieved by getting a user to visit a specific website containing JavaScript code capable of tricking the SupportAssist app into downloading and running malicious files (with full admin rights). Importantly, no user interaction is required once the website has been visited and the JavaScript can be hidden inside an ad on a legitimate website.
Here's the remote code execution in action as recorded by Demirkapi:
Dell uses SupportAssist to pro-actively check the health of your hardware and software and then automatically updates each system as necessary. As you've probably guessed, it's a piece of software that gets pre-installed on most new Dell systems, meaning there's a lot of users out there potentially vulnerable to this attack.
Dell has known about the vulnerability since Oct. 26 last year and a patched version of SupportAssist (v3.2.0.90) is now available which closes the security hole. If you own a Dell which has SupportAssist installed, download and install the new version as soon as possible to protect your system.
TopicsCybersecurityDell
5 people Tim Cook calls for advice on running the biggest company in the world2025-04-26 20:02
Why we enjoy being humiliated during sex2025-04-26 19:55
Twitter's blue couch saga is dividing the timeline2025-04-26 19:48
Uber's Go/Get product showcase: Family profiles, car seats, teen safety, and more2025-04-26 19:45
Here's George Takei chilling in zero gravity for the 'Star Trek' anniversary2025-04-26 19:41
Webb telescope snaps image of solar system that's nothing like ours2025-04-26 19:24
OpenAI's GPT2025-04-26 19:02
The Google Bard AI chatbot is about to get an upgrade2025-04-26 18:28
Pokémon Go is so big that it has its own VR porn parody now2025-04-26 18:19
Saturn once again reigns supreme with most moons2025-04-26 18:04
This 'sh*tpost' bot makes terrible memes so you don't have to2025-04-26 20:11
Scientists find wild fish swimming below 27,000 feet. How it survives.2025-04-26 20:00
How to look at past images in Google Maps Street View2025-04-26 19:17
NASA's black hole animation is jaw2025-04-26 19:00
Florida hurricane forecast remains uncertain, but trends in state's favor2025-04-26 19:00
'Wordle' today: Here's the answer, hints for April 92025-04-26 18:58
'The Night Agent' literally doesn't sleep. Someone allow him a nap.2025-04-26 18:34
Saturn once again reigns supreme with most moons2025-04-26 18:31
Metallica to seek and destroy your eardrums with new album this fall2025-04-26 18:20
Masturbation May: Queer people aren't afraid to talk self2025-04-26 17:52