As of last night, Malwarebytes started detecting a very popular and very vulnerable application as a PUP.
This application, known as Dell System Detect, is pre-installed with many Dell systems. According to research done by Tom Forbes, older versions of Dell System Detect are vulnerable to a serious remote code execution attack.
What this basically means is that anyone with a vulnerable version of the tool (which maintains persistence on the system and therefore is always running) might be directed by an attacker to a specific website designed to exploit the flaw in the program and execute any commands the attacker wishes.
This could potentially lead to malware being installed without user awareness, stolen credentials, damaged system configuration and more.
Thankfully Dell has since modified this tool based on the research and it is no longer vulnerable, so it’s in the best interest for everyone to update this tool if they are running a computer designed by Dell.
Vulnerable versions of this tool have been seen as early as mid 2012 though most likely even earlier, according to our sources so anyone with a Dell system purchased a few years ago should take special notice and run a scan ASAP.
To make this easy for the search engines, if you have the following being detected on your system:
You are vulnerable to a serious remote code execution attack from cyber criminals. Please update your Dell System Detect software immediately: UPDATE HERE
For more information:
Thanks for reading and safe surfing!