It has been revealed that a Windows support tool bundled with Dell computers has a high-severity security hole that leaves millions of systems at risk of a privilege-escalation attack.
Critical DLL Hijacking Vulnerability in PC-Doctor For Windows Let Hackers Attack Hundreds of Million DELL Computers: A critical DLL hijacking vulnerability resides in PC-Doctor Dell Hardware Support Service software allows attackers to escalate the… https://t.co/u0C1aa3jCP pic.twitter.com/xFemSOV9un
— Shah Sheikh (@shah_sheikh) June 24, 2019
Jake Moore, Cyber Security Specialist at ESET:
“This vulnerability highlights the issue of third party applications that are given partial access and could potentially be exploited by malware to gain administrator rights.
“It also highlights the threat caused by rogue insiders and could cause companies to lose brand confidence even when it isn’t entirely their fault. Many PCs could be affected and as usual it is vitally important that these machines are updated to the latest version. Putting off a patch will decrease protection levels instantly, however inconvenient it may seem at the time.”