【】

If you own a Dell laptop or desktop then there's a very good chance your machine is vulnerable to attack simply by visiting a malicious website. The good news is, Dell has released a patch to close the security hole.
As ZDNet reports, 17-year-old security researcher Bill Demirkapi discovered a vulnerability (CVE-2019-3719) in the Dell SupportAssist utility which allows an attacker to remote execute code. This is achieved by getting a user to visit a specific website containing JavaScript code capable of tricking the SupportAssist app into downloading and running malicious files (with full admin rights). Importantly, no user interaction is required once the website has been visited and the JavaScript can be hidden inside an ad on a legitimate website.
Here's the remote code execution in action as recorded by Demirkapi:
Dell uses SupportAssist to pro-actively check the health of your hardware and software and then automatically updates each system as necessary. As you've probably guessed, it's a piece of software that gets pre-installed on most new Dell systems, meaning there's a lot of users out there potentially vulnerable to this attack.

Dell has known about the vulnerability since Oct. 26 last year and a patched version of SupportAssist (v3.2.0.90) is now available which closes the security hole. If you own a Dell which has SupportAssist installed, download and install the new version as soon as possible to protect your system.
Featured Video For You
Scientists successfully 3D-print heart from human cells
TopicsCybersecurityDell
相关文章
Two astronauts just installed a new parking spot on the International Space Station
UPDATE: Aug. 19, 2016, 2:04 p.m. EDT。 Astronauts Kate Rubins and Jeff Williams are back in the Inter2025-05-18Christine Hallquist could become America's first openly trans governor
If the only news you ever read came from Twitter, you'd think America was some kind of post-apocalyp2025-05-18David Hogg has plans to run for Congress when he’s 25
David Hogg, one of the powerful young activists who recently graduated from Marjory Stoneman Douglas2025-05-18New photo shows stellar life and death thousands of light
Death and new life meet in a photo showing off a nebula located 7,500 light-years away. The Carina N2025-05-18Two states took big steps this week to get rid of the tampon tax
This week was a big one for those advocating against a tampon tax.。 First, on Thursday, California t2025-05-18MoviePass cancels yearly plan, refunds annual subscribers
"It's not you. It's me... and my plummeting stock valuation." In a surprise to absolutely no one, Mo2025-05-18
最新评论