• Dell: Recent patches break iSCSI login on Dell PS Series arrays

    Home » Forums » Newsletter and Homepage topics » Dell: Recent patches break iSCSI login on Dell PS Series arrays

    Tags:

    Author
    Topic
    Viewing 1 reply thread
    Author
    Replies
    • anonymous
      Guest
      June 21, 2019 at 1:21 am #1851035

      Dell has got some new issues that are not Windows KB related to deal with but do require some patching as well, and this may just affect more than Dell as that’s some nice third party vendor to Dell that supplying the software that is labelled/branded SupportAssist with a rather egregious security issue. “The software itself is written and maintained by PC Doctor” according to The Register(1).

      “Dell’s troubleshooting software SupportAssist, bundled with the US tech titan’s home and business computers, has a security flaw that can be exploited by malware and rogue logged-in users to gain administrator powers.” (1)

      “the software insecurely loads .dll files when run. Researcher Peleg Hadar told The Register SupportAssist, which runs with SYSTEM-level privileges, will automatically pull in unsigned code libraries from user-controlled folders. That means malware or dodgy users can leave their own .dll files in a path, wait for SupportAssist to blindly load them, and thus execute code within an admin context.” (1)

      The house key is under the mat and that mat is embossed with the words: house key under this mat!

      (1)
      “Millions of Windows Dell PCs need patching: Give-me-admin security gremlin found lurking in bundled support tool”
      https://www.theregister.co.uk/2019/06/20/dell_supportassist_security_hole/

      1 user thanked author for this post.
      doriel
      Reply | Quote
    • doriel
      AskWoody Lounger
      June 21, 2019 at 4:27 am #1851199

      So unustalling these updates will fix this issue? I wonder if connection and settings will be lost, or if it will remain untouched after removing these updates.

      This issue with SupportAssist is known for month or two. Article on bleeping computers says:

      “An unauthenticated attacker, sharing the network access layer with the vulnerable system, can compromise the vulnerable system by tricking a victim user into downloading and executing arbitrary executables via SupportAssist client from attacker hosted sites.”

      Youtube: Dell Remote Code Execution Demo

      Dell Latitude 3420, Intel Core i7 @ 2.8 GHz, 16GB RAM, W10 22H2 Enterprise

      HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

      PRUSA i3 MK3S+

      Reply | Quote
    Viewing 1 reply thread
    Reply To: Dell: Recent patches break iSCSI login on Dell PS Series arrays

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information:




DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    May 2025
    S M T W T F S
     123
    45678910
    11121314151617
    18192021222324
    25262728293031

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.