Customers of Dell devices might be exposed to cyber-attacks, as the pre-installed software includes vulnerabilities that could allow hackers to disable security solutions and to escalate privileges. Expert has discovered 3 different vulnerabilities affecting select Dell systems, urging customers to install the latest updates as soon as possible to prevent attacks.

First and foremost, there’s a privilege escalation vulnerability which exists in the SboxDrv.sys driver. The researcher says the security flaw can be exploited by sending crafted data to the \Device\SandboxDriverApi device driver because it provides read and write rights to everyone.

Security researchers are warning Dell security management software admins to patch their systems after finding six high-risk vulnerabilities.

One of the highest-rated "critical" flaws involves a hidden default account with an easily-guessable password in Dell's Sonicwall Global Management System, a widely-used software used to centrally monitor and manage an enterprise's array of networked security devices. The vulnerability could allow an attacker "full control" of the software and all connected appliances, such as virtual private networking appliances and firewalls. There's no evidence to suggest the flaws have been actively exploited by attackers.

Tech-support scams, in which fraudsters pose as computer technicians who charge hefty fees to fix non-existent malware infections, have been a nuisance for years.

A relatively new one targeting Dell computer owners is notable because the criminals behind it use private customer details to trick their marks into thinking the calls come from authorized Dell personnel. "What made the calls interesting was that they had all the information about my computer; model number, serial number, and notably the last item I had called Dell technical support about my optical drive," Joseph B. wrote in an e-mail.

A trifecta of vulnerabilities has been found in software preinstalled on a number of Dell, Toshiba, and Lenovo consumer and enterprise PCs and tablets, affecting millions of users.

A proof-of-concept that was posted online could allow an attacker to run malware at the system level, regardless of what kind of user is logged in. A user can be tricked into opening a specially-crafted web page, either as a drive-by download or through an email attachment, which could allow an attacker to exploit the flaw. The security researcher confirmed that he did not inform Dell, Toshiba, and Lenovo of the flaws before the the proof-of-concept code was posted online.

In a move eerily similar to the Superfish debacle that visited Lenovo in February, Dell is shipping computers that come preinstalled with a digital certificate that makes it easy for attackers to cryptographically impersonate Google, Bank of America, and any other HTTPS-protected website.

The self-signed transport layer security credential, which was issued by an entity calling itself eDellRoot, was preinstalled as a root certificate on at least two Dell laptops, one an Inspiron 5000 series notebook and the other an XPS 15 model. Both are signed with the same private cryptographic key.