Header Ads

Millions Of Dell Computers At Risk: What You Need To Know & Do

Users of Dell PCs have a new security vulnerability to watch out for. It was recently discovered that pre-installed software on millions of Dell computers could be taken over by bad actors — thus giving them access to system-wide control of someone's device.

In 2021, things like hackers, malware, viruses, etc. are all expected things with connected gadgets. Whether it be people actively looking for ways to hack devices or vulnerabilities in how a piece of software was created, it's not uncommon for security issues to pop up. It's not ideal, but that's the state of the connected world.

Related: Apple Says Macs Now Have A High & Unacceptable Level Of Malware

On June 24, 2021, security company Eclypsium revealed four new vulnerabilities that impact 128 different Dell desktops and laptops, resulting in more than 30 million individual PCs being put at risk. The first vulnerability has to do with the Dell SupportAssist application, which is pre-installed on "most" Dell computers and is used to "proactively check the health of your system's hardware and software." Unfortunately, Eclypsium found that a hacker can essentially disguise themselves as Dell and use SupportAssist to gain access to a computer's BIOS — all without there being any trace of their presence. The additional vulnerabilities also provide ways for hackers to access the BIOS and execute malicious code from it. As it's noted in the report, "Successfully compromising the BIOS of a device would give an attacker a high degree of control over a device. The attacker could control the process of loading the host operating system and disable protections in order to remain undetected."

Hearing that is likely concerning for anyone with a Dell computer, but there is a silver lining to this story. Eclypsium reported its findings to Dell on March 3. Since then, Dell has acknowledged the issue and says BIOS updates are rolling out now that will patch the vulnerability. Users are recommended to install the updates "immediately." The updates should have begun rolling out as of June 24, so be sure to download them as soon as they're available. Speaking to ZDNet, a Dell representative said, "The features will be automatically updated if customers have Dell auto-updates turned on."

While this certainly isn't a good look for Dell, it's far from the only company faced with security issues. This past April, for example, a bug with the TextEdit app on macOS was found to easily reveal users' IP addresses using a simple .TXT file. While the ramifications for this Dell incident have potential to be more harmful, the point is that no computers are 100 percent safe from security issues like this. So be safe, mindful, and be sure to download updates as soon as they're made available.

Next: Tim Cook Says Sideloading Apps Would Destroy iPhone Security

Source: Eclypsium, Dell, ZDNet

No comments:

Powered by Blogger.