ON THIS PAGE: Hundreds of millions of PCs are affected by a Dell driver flaw.
A Dell Huge problem. News, gear, PCs, weakness, kernel-level, protection, Dell, fix, personal computing, drivers are all listed in this post.
In this photo illustration taken on October 12, 2015 in the Manhattan borough of New York, a Dell logo is seen on the front of a screen. Dell Inc announced on Monday that it has agreed to acquire EMC Corp, a data storage provider, for $67 billion in a record technology transaction that would bring two mature firms together to form an enterprise technology powerhouse.
According to security researchers at Sentinel Labs, Dell has been publishing a firmware upgrade driver since 2009 that includes “five high severity flaws.” According to a Dell security alert update, the problem could impact hundreds of millions of PCs, but the PC manufacturer has now resolved the issue with a security fix.
The flaw (in a file named DBUtil) is currently a chain of five flaws that have been assigned the number CVE-2021-21551. Four of the vulnerabilities result in privilege escalation, and one results in access refusal. There are 380 models impacted, spanning from personal computers to the most recent Alienware and Dell notebooks. There’s a fair probability that if you buy a Dell machine, even if it’s no longer funded, it’s on the list.
To date, no proof of the weakness being abused in the wild has been found. According to Dell’s FAQ, an intruder will require local access to the computer in order to exploit the hack or deceive the consumer by phishing or other methods. Furthermore, since the driver in question isn’t preloaded on PCs, it will only effect the PC if the firmware has been upgraded.
Sentinel Labs researchers have given basic details regarding the bug, but have withheld details about how to fix it to allow users time to repair. If you believe your computer is vulnerable, follow Dell’s instructions to fix the issue here
Dell Technologies Inc. released an emergency fix today to address vulnerabilities discovered in hundreds of millions of machines sold by the firm since 2009.
The five vulnerabilities, tracked as CVE-2021-21551, were discovered and publicized today by SentinelLabs researchers. They affect DVUtil 2.3, a Dell BIOS driver that allows the operating system and system apps to interact with the computer’s BIOS, which is firmware used in booting up a computer, as well as hardware.
The vulnerabilities, which have a CVSS score of 8.8 on a scale of 10, include four that may be exploited for privilege escalation and one that can be leveraged for a denial-of-service attack. The five cover memory corruption, input validation, and a code-logic problem.
It’s severe enough that Dell has written a knowledge base article and offered a workaround. However, the vulnerabilities cannot be exploited via the internet and must be exploited by an attacker who has physical access to the vulnerable device. An attacker with access to a device may execute arbitrary code with kernel-mode rights through privilege escalation. In this manner, the attacker may circumvent security measures and gain complete control of the device.
“An attacker with network access may also obtain access to execute code on unpatched Dell systems and exploit this vulnerability to achieve local elevation of privilege,” the researchers said. “Attackers may then use additional methods, such as lateral movement, to pivot to the larger network.”
On the plus side, the researchers claim that they haven’t found any evidence of the vulnerabilities being exploited in the wild yet. They went on to say that with hundreds of millions of businesses and individuals now exposed, they think it is unavoidable that attackers would target those who do not take the necessary precautions.
Dell recommends users to uninstall the vulnerable dbutil 2 3.sys driver from impacted computers as soon as possible by downloading and executing a driver removal tool or doing so manually. Following that, users should download and install the most recent firmware update packages using the relevant update utility package: Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent, or Dell Platform Tags, as applicable.