Dell support tool put PCs at risk of malware infection

JMH

Emeritus, Contributor
Joined
Apr 2, 2012
Posts
7,197
Attackers could have remotely installed malware on systems running a flawed Dell support tool used to detect customers' products.

A security researcher discovered the flaw in November and reported it to the PC manufacturer, which patched it in January. However, it's not clear if the fix closed all avenues for abuse.

The application, called Dell System Detect, is offered for download when users click the "Detect Product" button on Dell's support site for the first time. It is meant to help the website automatically detect the user's product -- more specifically its Service Tag -- so that it can offer the corresponding drivers and resources.

Last year, a security researcher named Tom Forbes reverse engineered the program to see how it communicated with the Dell website. He found that the application installs a Web server on the local machine that listens on port 8884. The Dell site then uses JavaScript to send requests to the local server through the user's browser.
Dell support tool put PCs at risk of malware infection | Computerworld
 

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top