This new security patch being rolled out by Dell addresses a flaw found in its update software that could give full control to potential attackers. It appears this vulnerability has been ongoing since 2009 and is only just being addressed.
Estimated reading time: 2 minutes
SentinelLABS discovered the flaw and claimed that hundreds of millions of computers are at risk. SentinelLABS is withholding the details of the vulnerability to allow users to apply the Dell security patch. But here’s what they laid out on their website about it:
- SentinelLabs has discovered five high severity flaws in Dell’s firmware update driver impacting Dell desktops, laptops, notebooks, and tablets.
- Attackers may exploit these vulnerabilities to locally escalate to kernel-mode privileges.
- Since 2009, Dell has released hundreds of millions of Windows devices worldwide which contain the vulnerable driver.
- SentinelLabs findings were proactively reported to Dell on Dec 1, 2020, and are tracked as CVE-2021-21551, marked with CVSS Score 8.8.
- Dell has released a security update to its customers to address this vulnerability.
- At this time, SentinelOne has not discovered evidence of in-the-wild abuse.
The vulnerability exists in the dbutil_2_3.sys driver. This driver file may have been installed on your Dell Windows operating system when you used firmware update utility packages, Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent, or Dell Platform Tags, including when using any Dell notification solution to update drivers, BIOS, or firmware for your system.Dell
Interestingly, this vulnerability has been around for this long, but there is no evidence of abuse. Users should apply the Dell security patch as soon as possible. Especially now as SentinelLABS is expected to release the details soon.
What do you think of this Dell vulnerability? Have you applied the security patch? Let us know what you think on our MeWe page by joining the MeWe social network or commenting on our other social media pages.