If you don't have auto-update switched on, time to patch
Dell has copped to a flaw in SupportAssist – a Windows-based troubleshooting program preinstalled on nearly every one of its newer devices running the OS – that allows local hackers to load malicious files with admin privileges.
The company has issued an advisory about the flaw, warning that a locally authenticated low-privilege user could exploit the vuln to load arbitrary DLLs by the SupportAssist binaries, resulting in the privileged execution of malware.
SupportAssist scans the system's hardware and software, and when an issue is detected, it sends the necessary system state information to Dell for troubleshooting to begin.
This type of vulnerability is fairly common, but typically requires admin privileges to exploit, so isn' ..
Support the originator by clicking the read the rest link below.
