Dell SupportAssist for PC is a proprietary software system that proactively checks the health of your PC.
Whenever an issue is discovered on any Dell device, a diagnostics file is sent to Dell Support Center. Users will then be contacted before the problem degenerates into something far more severe.
Dell SupportAssist for Business PCs and Dell SupportAssist for Home PCs were discovered to have a high-risk vulnerability with the PC Doctor component so an urgent patch and upgrade is required to fix them.
This vulnerability seems to affect Dell SupportAssist for Business PCs version 2.0 and Dell SupportAssist for Home PCs version 3.2.1 and all prior versions
The Common Vulnerabilities and Exposure (CVE) discovered with this version has the CVE-2019-12280 identifier.
This means that an attacker can craft an unsigned DLL which the software then loads without verifying, meaning that pretty much any malware can be uploaded into the PC unchecked.
Install the latest updates now
Dell advices all customers to update their system to the latest version that have this vulnerability fixes, namely Dell SupportAssist for Business PCs version 2.0.1 and Dell SupportAssist for Home PCs version 3.2.2.
You may perform this update by either using auto-update of by updating manually. By default, Dell systems will perform the update automatically as long as the auto-update feature is enabled.
Dell reported that most users users have the feature enabled anyway. Ever since the launch of the faulty update in May 28th, pretty much everyone has already been upgraded with the latest hotfix.
Manual updating can be done by downloading and installing the latest product version from: Dell SupportAssist for Business PCs:
- Download Dell SupportAssist on 64-bit PCs
- Download Dell SupportAssist on 86-bit PCs
- Download Dell SupportAssist for Home PCs