Vulnerable Dell support tool now detected as risky software

Older versions of Dell System Detect contain a serious vulnerability that allows hackers to install malware on users' computers

Security vendor Malwarebytes has flagged the Dell System Detect tool as a potentially unwanted application after older versions of the program were found to put computers at risk.

Last month a security researcher named Tom Forbes warned that attackers can exploit a weakness in older versions of Dell System Detect to remotely install malware on computers when users visit specially crafted websites.

The program allows Dell's support website to automatically detect the service tags of users' PCs, so it can offer the corresponding drivers. The tool is offered for download when users click the "Detect Product" button on the website for the first time and continues to run in the background after installation.

Forbes reported the issue to Dell back in November and the company released a patched version of Dell System Detect on Jan. 9. However, it seems that many users have not yet updated and their computers are still at risk.

Moreover, the version released by Dell in January -- 6.0.9 -- did not completely fix the problem, researchers from F-Secure said Thursday in a blog post. In order to be secure, users need to install version 6.0.14, which also prevents the program from running automatically when the operating system starts, they said.

Data gathered by F-Secure through its products over the past two weeks showed that Dell System Detect is installed on at least 100,000 computers and only about 1 percent of them run the latest 6.0.14 version.

"We are continuing to investigate further issues and actions that may be necessary to protect our customers," the F-Secure researchers said.

On Friday, security vendor Malwarebytes announced that vulnerable versions of the program will now be detected as PUP.Vulnerable.DellSystemDetect by its products. In the antivirus industry PUP stands for potentially unwanted program.

"We at Malwarebytes are pretty sure there are a lot of folks that won't know about this vulnerability, so we decided to detect it for the sake of raising awareness," the company said in a blog post. "Vulnerable versions of this tool have been seen as early as mid 2012 though most likely even earlier, according to our sources so anyone with a Dell system purchased a few years ago should take special notice and run a scan ASAP."

The owners of Dell computers should either uninstall the tool or ensure that they're running the latest version by following the instructions on Dell's website.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags Dellsecuritypatch managementf-secureMalwarebytesExploits / vulnerabilitiesmalwareantivirus

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Lucian Constantin

IDG News Service
Show Comments

Cool Tech

Crucial Ballistix Elite 32GB Kit (4 x 8GB) DDR4-3000 UDIMM

Learn more >

Gadgets & Things

Lexar® Professional 1000x microSDHC™/microSDXC™ UHS-II cards

Learn more >

Family Friendly

Lexar® JumpDrive® S57 USB 3.0 flash drive 

Learn more >

Stocking Stuffer

Plox Star Wars Death Star Levitating Bluetooth Speaker

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?