Just like virtually everything else, tools used for computer support purposes have their fair share of bugs and vulnerabilities. And you can be sure that hackers and malware are taking advantage of every vulnerability they can truly capitalize on. So, next time you are getting remote computer support, just make sure that the person who is doing the support is actually a support technician and not a hacker.

Multiple flaws in commonly used technical support tools can open Windows PCs to cyberattack, security experts have warned.

The vulnerable tools are often used by Internet service providers, PC makers and others to provide support functions such as remote assistance, the U.S. Computer Emergency Readiness Team said in an alert published Thursday. The tools, provided by SupportSoft, contain multiple vulnerabilities, it warned.

US-CERT lists nearly 40 companies and other organizations that have shipped the affected software. Some have addressed the problem, while others are still listed as vulnerable or unknown. Those that have yet to fix the SupportSoft issue include IBM and Internet access providers BellSouth, Comcast and Time Warner, it said.

Symantec includes the SupportSoft components in its consumer security products. The Cupertino, Calif.-based company released its own alert on Thursday, along with fixes. The problem is “high” risk, but is mitigated somewhat, because triggering the flaw would require some action on the part of the user, Symantec noted.[more]

Tags: Bugs