Nearly 130 Dell computer models could be targeted by an attack that would allow hackers to destroy the operating system of these machines and control their security systems. Millions of users could be killed.
Eclipse security researchers sounded the alarm this week. A set of vulnerabilities in the BIOSConnect feature of Dell SupportAssist, a module commonly installed on Dell desktops, laptops and tablets, will allow hackers to control the boot process of these PCs and give them full freedom to control the highest security. .
Patches are available
Dell SupportAssist handles system recovery and repair, overall support functions. BIOSConnect is part of this software, which is used to update system firmware and restore the operating system version of the system. Two components that go hand in hand are typically found on Dell engines equipped with Windows.
These two components communicate through the cloud of the American manufacturer. Eclipse researchers have identified four vulnerabilities that, when exploited together, provide a mechanism for activating the arbitrary code in the BIOS of infected PCs. Suffice it to say that this is a serious shortcoming, which is also estimated at 8.3 on the Common Impact Assessment System (CVSS) level.
That’s not all: all three additional effects were diagnosed by eclipse. Two of them affect the operating system recovery, the last of which affects the firmware update system. Dell responded quickly by publishing Corrections To the BIOS / UEFI of PCs that may be victims of these attacks. These updates are available from June 24th.
“Avid writer. Subtly charming alcohol fanatic. Total twitter junkie. Coffee enthusiast. Proud gamer. Web aficionado. Music advocate. Zombie lover. Reader.”