Dell has released a security patch which corrects errors in all Dell computers, tablets and laptops shipped since 2009, as well as instructions on how to install it if your computer is affected.
Vulnerability, discovered by the company SentinelLabs, is present in the driver used by Dell and Alienware proprietary firmware update programs. It allows an attacker to obtain kernel-level permissions in Windows and bypass security programs.
The driver in question, dbutil_2_3.sys, which is responsible for Dell firmware updates, is not pre-installed on Dell computers, but is installed by running the firmware update, and loads only after the system restarts.
The five bugs are monitored together under the code CVE-2021-21551, they have a rating of 8.8 out of 10 according to the CVSS scale on the basis of which the severity of the bugs is assessed.
If you have a Dell computer, there is a good chance that it could be vulnerable. The list of affected computers on Dell’s website includes over 380 models, including some of the latest XPS 13 and 15 models, as well as G3, G5 and G7 laptops. Dell also lists nearly 200 computer models that no longer receive updates.
Both Dell and SentinelLabs say they have found no evidence that the hackers used the vulnerability, despite the fact that it has been present on the devices for so long. It’s Dell explained that an attacker would have to have access to your computer to take advantage of an error, which could be obtained through malware, “phishing” or remote access privileges.
SentinelLabs researchers have recommended that users of Dell devices, whether companies or home users, download the update as soon as possible.
Source: Informacija.rs by www.informacija.rs.
*The article has been translated based on the content of Informacija.rs by www.informacija.rs. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!
*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.
*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!