Millions of Dell devices may be at risk due to security vulnerabilities in the supporting software the company pre-installs on many of its systems.
MAJOR DELL security vulnerability fixed affecting millions of computers
Eclypsium has discovered multiple security vulnerabilities in 129 different computer models that use Dell's SupportAssist software, according to a report. According to Gizmodo, there are four separate vulnerabilities, one of which allows attackers to redirect the connection between Dell's BIOSConnect software and Dell servers. If successful, attackers could force custom update packages onto affected models.
According to researchers, the vulnerabilities could allow attackers to gain access to affected machines via an exploit located in the boot configuration, or they could impersonate Dell and send malicious content to the machine.
One of the most concerning aspects of this whole ordeal, however, is that Eclypsium discovered these flaws when it was using a PC with a secure core. This means that the Windows Secure Boot feature does not protect any affected machine.
