It was revealed this week that Dell is in the process of updating hundreds of PC models to address a security bug affecting machines dating all the way back to 2009. The vulnerability allows an attacker to gain kernel-level permissions in Windows.
The vulnerability was found by security firm SentinelLabs, and while no evidence of it being exploited has been found, a fix is still needed. The vulnerability exists in the ‘dbutil_2_3.sys’ driver, which would have been installed on Dell PCs via a firmware update through one of Dell’s applications, such as Dell Command Update or Alienware Update.
If you own a Dell PC, read this
May 4, 2021, 20:18
What just happened? If you thought your aging Dell laptop was safe from modern malware or hacking exploits, think again. Dell has just released a retroactive, high-priority software patch for hundreds of its machines, some of which have initial releases dating back to 2009.
The patch addresses an insufficient access control vulnerability present in the dbutil_2_3.sys driver, which can be found on Windows-equipped Dell systems with user-installed firmware update packages. Not all Dell machines are affected, but many are; 380, to be precise.
Impacted machines range from Dell’s Latitude line-up to its Inspirons and even its G-series gaming notebooks. The vulnerability would allow someone with access to the machine (which could be obtained through malware) to escalate privileges and obtain kernel-level permissions.
Vulnerabilities in Dell driver affect hundreds of millions of computers
Dell Technologies Inc. today issued an urgent patch to address vulnerabilities found in hundreds of millions of computers sold by the company since 2009.
Discovered and publicized today by researchers at SentinelLabs, the five vulnerabilities, tracked collectively as CVE-2021-21551, affect DBUtil 2.3, a Dell BIOS driver that allows the operating system and system apps to interact with the computer’s hardware and its BIOS, the firmware used in booting up a computer.
Rated with a CVSS score of 8.8 on a scale of 10, the vulnerabilities include four that can be exploited for privilege escalation and one that can be used for a denial-of-service attack. The five collectively cover memory corruption, input validation and a code-logic issue.