1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Dell support tool put PCs at risk of malware infection

Discussion in 'Network World' started by RSS, Mar 24, 2015.

  1. RSS

    RSS New Member Member

    Attackers could have remotely installed malware on systems running a flawed Dell support tool used to detect customers’ products.

    A security researcher discovered the flaw in November and reported it to the PC manufacturer, which patched it in January. However, it’s not clear if the fix closed all avenues for abuse.

    The application, called Dell System Detect, is offered for download when users click the “Detect Product” button on Dell’s support site for the first time. It is meant to help the website automatically detect the user’s product—more specifically its Service Tag—so that it can offer the corresponding drivers and resources.

    Last year, a security researcher named Tom Forbes reverse engineered the program to see how it communicated with the Dell website. He found that the application installs a Web server on the local machine that listens on port 8884. The Dell site then uses JavaScript to send requests to the local server through the user’s browser.

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page