One of the most difficult parts about creating technology is proofing it against the entire spectrum of digital threats. Not only are viruses constantly evolving and advertisements becoming more tricky to deal with, but hackers are also always probing popular systems for weak spots. When they find them, it can spell disaster -- not just for individuals, but for everyone with the same kind of computer or software.
When a device maker is popular enough, its products become a priority target for all manner of skulduggery. As it turns out, a recent discovery proved these fears are well-grounded. A dangerous exploit has been found in a popular, pre-loaded piece of software that can grant hackers backdoor access to a person's entire computer!
Not only is this security hole extremely vulnerable, but the software involved is also bundled with the majority of one device maker's products (as well as several third-party systems)! To fight back against this threat, it's releasing a critical security patch that can stamp out this flaw -- but not everyone has updated yet! Read on to learn if your device is at risk, and what you can do to stay safe.
The scoop on SupportAssist security
Researchers at security firm SafeBreach Labs found a startling flaw in a program that comes pre-installed in the majority of Dell-branded computers, as well as several third-party PCs under a different name. The program is known as SupportAssist, which is a built-in technical support tool tailored for Dell users, but it's also called PC-Doctor Toolbox when bundled with other devices.
Dell has stated that the flaw is a PC-Doctor vulnerability, and is present in SupportAssist due to its components shipping with the software suite.
According to SafeBreach Labs, the flaw arose from a lack of authentication when the system pulls library files from the folders it interacts with.
Since the program doesn't verify whether these libraries are legitimate or not, a skilled hacker could place a corrupted file into a folder that SupportAssist or PC-Doctor would accidentally scan and activate. Once opened, the entire system could be compromised, exposing private user data to hackers and cybercriminals.
Am I affected by this security flaw?
Thankfully, Dell took quick action to address the security hole and released a patch on May 28th of this year that completely addressed the issue. According to Dell, more than 90% of its customers have already installed the patch, meaning that the remaining 10% are most at risk of exploitation.
The widespread adoption of this patch is the result of automatic updates, which Dell often enables by default. If you don't have this enabled in your system (or don't know if you do), the best course of action would be to manually download and install the patch. Even if it's already on your system, installing the patch again manually won't cause any harm to your computer.
To get the patch, simply click or tap to visit the SupportAssist download page. Installing the update will put the latest version of the program on your computer -- with the vulnerability removed.
As for non-Dell computers, it's unknown if there are patches currently available at the moment. We'll be updating the story if and when they become available.
As dangerous as the internet can be for your computer's health, staying on top of the latest patches and updates is the best way to keep your system free of bugs and security holes. Just make sure that you're staying away from dangerous places where hackers are likely to lurk, and you'll substantially reduce your risk.
The web is a big place. Stay safe, and browse smart!
Microsoft hack gave cybercriminals full access to your email content
Were you recently notified by Microsoft that unauthorized parties may have accessed your email account? If you received this message, you should take action immediately. The security and privacy of your emails are at risk. We’ll share the devious hack details and how to protect your data.