![]() There will be other vulnerabilities like this one far into the future.There are certainly many more vulnerabilities in other software right now.To be clear, there are no reports of actual hacks or breaches using the SupportAssist flaw, but the important part of this story is that… In fact, the primary purpose of SupportAssist is to keep your system software and drivers up to date and is an important part of cyber security, which makes this software important to your overall cyber security plans if you have Dell computers.īut SupportAssist becomes a new method of delivery that most cyber security software doesn’t monitor. It is legitimate software that belongs on your Dell computers. And when it is downloaded onto Dell computers from the Dell website, and since the software itself is not malware, it would pass any scans or filters anyway. SupportAssist on its own is automatically installed on computers at the factory, and so it never gets analyzed by a web or email filter. Why Most Security Software Can’t (And Didn’t) Catch This Vulnerability As a result, a hacker - or the 17 year old Data Security hobbyist who found the flaw - could use SupportAssist to install and run any sort of malware and cause all sorts of damage. The flaw is that the part of the program that guarantees that only Dell can communicate with your computer through SupportAssist doesn’t do a good job. It allows files to be uploaded, installed and run on your computer. It does this by acting like a tiny web server that only allows communication from the official Dell website. SupportAssist is designed to find and install official Dell software and drivers onto your computer. ![]() The Dell SupportAssist Flaw Simply Explained If the security software finds a match to files sent to you via email or the web, it throws up an alarm, deletes or quarantines the files, and notifies you of the problem. The software will also commonly have a list of malware “signatures” - a library of bits of malware - that the security software checks new files against. Your common antivirus or security software tries to protect you by guarding the gates of all those known methods, analyzing emails that arrive in your inbox, the code on web pages you visit, files on attached drives, and so on. The SupportAssist flaw is not malware, but it allows malware to spread in a new way. But malware but can also spread across networks, thumb drives, mobile devices, outdated software, social networks and many other ways. ![]() The most common ways that malware spreads are by email and infected websites. Generally speaking, malware can steal your money, steal your data, hold your data hostage, shut down your business, destroy data, and all sorts of other bad, very bad, and extremely bad things to make your personal life and business operations miserable. There are two things about malware that are relevant here: What it does and how it spreads. So the big question for most users has got to be “How can I protect myself and my business from vulnerabilities like this SupportAssist flaw?” Understanding Malware What the Asus and Dell threats have in common is that a) neither involve email or website infections, b) both involve system software published by major computer manufacturers, and c) neither of them would or could have been detected by conventional antivirus or cyber security software. How a flaw in Dell’s SupportAssist software that updates drivers on Dell computers leaves Dell computers vulnerable to attack, and how to protect your network.Ībout one month after it was revealed that ASUS computers’ update system was breached, resulting in potentially one million computers being infected with malware, it was announced this month that Dell computers may be similarly vulnerable via its SupportAssist software.
0 Comments
Leave a Reply. |