  • Dell: Recent patches break iSCSI login on Dell PS Series arrays


    This topic contains 2 replies, has 3 voices, and was last updated by  doriel 5 months, 3 weeks ago.

    • #1849155 Reply
    • #1851035 Reply

      anonymous

      Dell has got some new issues to deal with that are not Windows KB related but do require some patching as well, and this may just affect more than Dell, as there's some nice third-party vendor to Dell that's supplying the software that is labelled/branded SupportAssist, with a rather egregious security issue. “The software itself is written and maintained by PC Doctor” according to The Register(1).

      “Dell’s troubleshooting software SupportAssist, bundled with the US tech titan’s home and business computers, has a security flaw that can be exploited by malware and rogue logged-in users to gain administrator powers.” (1)

      “the software insecurely loads .dll files when run. Researcher Peleg Hadar told The Register SupportAssist, which runs with SYSTEM-level privileges, will automatically pull in unsigned code libraries from user-controlled folders. That means malware or dodgy users can leave their own .dll files in a path, wait for SupportAssist to blindly load them, and thus execute code within an admin context.” (1)

      The house key is under the mat and that mat is embossed with the words: house key under this mat!

      (1)
      “Millions of Windows Dell PCs need patching: Give-me-admin security gremlin found lurking in bundled support tool”
      https://www.theregister.co.uk/2019/06/20/dell_supportassist_security_hole/

      1 user thanked author for this post.
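
The quoted report describes a SYSTEM-level service loading libraries from folders that ordinary users can write to. As an added example (not part of the thread and not Dell's or PC-Doctor's code), this PowerShell audit lists machine-wide PATH directories where low-privileged principals can create files. It assumes the machine PATH is the set of folders worth checking and that the four well-known SIDs below stand for "ordinary users"; run it from an elevated prompt so every ACL is readable.

```powershell
# Added example: flag machine-wide PATH directories that low-privileged
# users can write into. Simplification: Deny ACEs and group memberships
# beyond the SIDs listed here are not evaluated.
$lowPrivSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
    'S-1-5-4'      = 'INTERACTIVE'
}

# Dropping a file into a directory needs CreateFiles (FILE_ADD_FILE).
# GENERIC_WRITE (0x40000000) and GENERIC_ALL (0x10000000) can also appear
# as raw access-mask bits in an ACE.
$createFiles = [int][System.Security.AccessControl.FileSystemRights]::CreateFiles
$writeBits   = $createFiles -bor 0x40000000 -bor 0x10000000
$inheritOnly = [int][System.Security.AccessControl.PropagationFlags]::InheritOnly
$sidType     = [System.Security.Principal.SecurityIdentifier]

$dirs = [Environment]::GetEnvironmentVariable('Path', 'Machine') -split ';' |
    Where-Object { $_.Trim() } |
    ForEach-Object { [Environment]::ExpandEnvironmentVariables($_.Trim().Trim('"')) } |
    Select-Object -Unique

foreach ($dir in $dirs) {
    # A PATH entry that does not exist is a finding too: whoever can create
    # the folder controls what is loaded from it.
    if (-not (Test-Path -LiteralPath $dir -PathType Container)) {
        [pscustomobject]@{ Directory = $dir; Principal = '-'; Finding = 'Missing: check who can create it' }
        continue
    }
    try { $acl = Get-Acl -LiteralPath $dir -ErrorAction Stop }
    catch {
        [pscustomobject]@{ Directory = $dir; Principal = '-'; Finding = 'ACL unreadable: rerun elevated' }
        continue
    }
    # Ask for rules keyed by SID so the check works on localized Windows.
    foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
        $sid = $ace.IdentityReference.Value
        if ($ace.AccessControlType -ne 'Allow') { continue }
        # Inherit-only ACEs apply to children, not to the directory itself.
        if (([int]$ace.PropagationFlags -band $inheritOnly) -ne 0) { continue }
        if (-not $lowPrivSids.ContainsKey($sid)) { continue }
        if (([int]$ace.FileSystemRights -band $writeBits) -ne 0) {
            [pscustomobject]@{ Directory = $dir; Principal = $lowPrivSids[$sid]; Finding = "Writable ($($ace.FileSystemRights))" }
        }
    }
}
```

Any row in the output is a directory where a non-admin account could place a library that a privileged process searching PATH might load; tightening the ACL or removing the entry from the machine PATH closes it.
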
    • #1851199 Reply

      doriel
      AskWoody Lounger

      So uninstalling these updates will fix this issue? I wonder if connection and settings will be lost, or if it will remain untouched after removing these updates.

      This issue with SupportAssist has been known for a month or two. An article on Bleeping Computer says:

      “An unauthenticated attacker, sharing the network access layer with the vulnerable system, can compromise the vulnerable system by tricking a victim user into downloading and executing arbitrary executables via SupportAssist client from attacker hosted sites.”

      Youtube: Dell Remote Code Execution Demo

      Dell Latitude E6530, Intel Core i5 @ 2.6 GHz, 4GB RAM, WX 1809 Enterprise

      HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29
