Your new Windows laptop typically ships with an awful lot of bloatware you don’t need.
Often, it’ll just slow down your computer a tad. But occasionally, a pre-installed piece of manufacturer cruft can pose a serious security risk — and that’s why you should probably update or uninstall Dell’s SupportAssist right away.
The app, which Dell’s support page states is preinstalled on “most of all new Dell devices running Windows” and billed as “the industry’s first automated proactive and predictive support technology,” has apparently been vulnerable to a hack since at least last October, according to 17-year-old security researcher Bill Demirkapi.
It’s not clear why it’s only getting patched just now.
It’s a potentially nasty one: Dell’s SupportAssist has administrator-level access to Windows and is designed to automatically install updates to your computer, and Demirkapi found a way to hijack those update requests — theoretically letting a hacker install something nasty they could use to further breach your PC. You can read all about it, and see a proof of concept, in his blog post.
On the plus side, Demirkapi told ZDNet that it only works if the hacker is on the same local network as your PC, say the public Wi-Fi at your local Starbucks, workplace, or school. And fixing should be as easy as uninstalling the app, or updating to SupportAssist v 126.96.36.199 or later.
You can find the installer at Dell’s support page for the vulnerability, right here.
Have your say
More Technology Headlines
- Huawei's Android loss: How it affects you
- Huawei responds to Android ban
- Google restricts Huawei's use of Android
- How to use Google Maps to help someone find you
- Ghana marks World Telecommunications Day
- Vice President to be honoured as Digital Leader of the Year
- Tech Tent - Who’s spying on you?
- Ghana to take center stage at the global Africa forum on communications
- Facebook bans "inauthentic" accounts targeting Africa
- Samsung and Huawei end years-long patent battle
- Facebook imposes restrictions on live-streaming to prevent future abuse
- WhatsApp hack: Is any app or computer truly secure?
- Facebook curbs Live feature
- WhatsApp discovers 'targeted' surveillance attack
- Apple chargers are getting hit by Trump’s trade war