Millions of Windows 10 users are exposed to hackers. California security company SafeBreach has reported a flaw in the PC- Doctor Toolbox, a preinstalled analysis software.  Worse, the PC-Doctor Toolbox has been rebranded “Support Assist” and comes preinstalled on Dell, Alienware, Staples, Tobii, and Corsair.  Taking all of their products combined, the threat really exists for hundreds of millions of users.

A Toolbox vulnerability is so threatening because Toolbox is designed with high-level permission access to all of your computer’s hardware and software.  It can even give itself higher clearance access if the program deems it necessary.  And the high severity flaw SafeBreach discovered allows hackers to swap out harmless DLL files with malicious DLL payloads.  Meaning—complete hacker control of your entire system.

This vulnerability is an example of what drives users to other platforms in search of stronger security and control of their system.  Microsoft’s inability to control what PC makers preinstall on Windows computers only serves to jeopardize Microsoft’s recent pledge of “control, quality, and transparency”.

Gordon Kelly of Forbes’ Consumer Tech reports that he would advise everyone to search their PC for the preinstalled software and uninstall it.  “Dell builds Toolbox into SupportAssist, Corsair relabels it as ‘One Diagnostics’ or just ‘Diagnostics’, Staples calls it ‘Easy Tech Diagnostics’, Tobii refers to its as ‘I-Series/Dynavox Diagnostic Tools’ and there will inevitably be more partners so do your research,” says Kelly.

 

Categories: Cybersecurity

Leave a Reply