In another example of a problem that is sadly familiar, Bill Demirkapi found a vulnerability in the support software that Dell installs on most of its new PCs. His method tricks the SupportAssist software — intended as a way to easily update drivers, adjust settings and clean out unused files — into allowing an attacker to remotely install malware. It’s worth noting however, that it would require an attacker being on the same local network as their victim and have the victim view a website controlled by the attacker.
The write up of the issue explains how it works and his process for finding the flaw after replacing his old MacBook Pro with a Dell G3 gaming laptop. It also details his timeline from finding the issue in October until Dell was able to address it earlier this year. At this point, owners of Dell PCs running Windows should check to see if they have SupportAssist installed, and if so, make sure it has been updated to version 18.104.22.168 or higher (the current latest version is 3.2.1).