您现在的位置是:知識 >>正文
【】
知識52人已围观
简介If you own a Dell laptop or desktop then there's a very good chance your machine is vulnerable to at ...
If you own a Dell laptop or desktop then there's a very good chance your machine is vulnerable to attack simply by visiting a malicious website. The good news is, Dell has released a patch to close the security hole.
As ZDNet reports, 17-year-old security researcher Bill Demirkapi discovered a vulnerability (CVE-2019-3719) in the Dell SupportAssist utility which allows an attacker to remote execute code. This is achieved by getting a user to visit a specific website containing JavaScript code capable of tricking the SupportAssist app into downloading and running malicious files (with full admin rights). Importantly, no user interaction is required once the website has been visited and the JavaScript can be hidden inside an ad on a legitimate website.
Here's the remote code execution in action as recorded by Demirkapi:
Dell uses SupportAssist to pro-actively check the health of your hardware and software and then automatically updates each system as necessary. As you've probably guessed, it's a piece of software that gets pre-installed on most new Dell systems, meaning there's a lot of users out there potentially vulnerable to this attack.

Dell has known about the vulnerability since Oct. 26 last year and a patched version of SupportAssist (v3.2.0.90) is now available which closes the security hole. If you own a Dell which has SupportAssist installed, download and install the new version as soon as possible to protect your system.
Featured Video For You
Scientists successfully 3D-print heart from human cells
TopicsCybersecurityDell
Tags:
转载:欢迎各位朋友分享到网络,但转载请说明文章出处“夫榮妻貴網”。http://new.maomao321.com/news/71f3799891.html
相关文章
5 people Tim Cook calls for advice on running the biggest company in the world
知識It's only fitting that the leader of the biggest company in the world has a pretty impressive list o ...
【知識】
阅读更多Kids make healthy, well
知識Dads, start your day with a good breakfast.Redditor CaptainFiddler got a very thoughful, very well-b ...
【知識】
阅读更多Brands will be able to bid on custom Olympics ads in real time
知識Some of the world's biggest publishers are joining forces on a project aimed at delivering web surfe ...
【知識】
阅读更多
热门文章
- This coloring book is here for all your relationship goals
- Sling TV brings live television (finally) to Apple TV
- Ben Affleck gave Matt Damon an adorable shoutout on National Best Friends Day
- Private companies may profit by turning the moon into a space rest stop
- Satisfy your Olympics withdrawals with Nike's latest app
- 'The Lord of the Rings' and Pixar led the way to 'Warcraft'
最新文章
Mom discovers security cameras hacked, kids' bedroom livestreamed
Congratulations, your J. K. Simmons evolved into this monster man
Usher is back with 'No Limit' featuring Young Thug. Yeah!
China invites reporter to take sledgehammer to its longest glass bridge to prove it's safe
Tesla's rumored P100D could make Ludicrous mode even more Ludicrous
Kayaker sends dolphin back to its watery home under the waves