Millions of Dell laptops must be updated to fix ‘high severity’ flaws, and Dell asks customers to check for one specific file
Dell computers manufactured after 2009 require a vital software update in order to fix a vulnerability that could let malicious individuals take control of computers.
The list of affected computers totals over 380 models, including the XPS 13 and XPS 15, a number of models in the Inspiron and Latitude ranges, and the G3, G5, and G7 gaming laptops.
The five high severity vulnerabilities, which were found by SentinelLabs, had gone undisclosed for 12 years but, astonishingly, seem to have not been used by malicious individuals.
The bug “could allow any user on the computer, even without privileges, to escalate their privileges and run code in kernel mode”, the researchers say. Applications run in ‘user mode’, while ‘kernel mode’ manages core operating system components.
“Among the obvious abuses of such vulnerabilities are that they could be used to bypass security products”, SentinelLabs continues.
“An attacker with access to an organization’s network may also gain access to execute code on unpatched Dell systems and use this vulnerability to gain local elevation of privilege. Attackers can then leverage other techniques to pivot to the broader network, like lateral movement.”
Dell, announcing its patch, said that utility packages including “Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent, or Dell Platform Tags, including when using any Dell notification solution to update drivers, BIOS, or firmware for your system” could have been impacted.
It recommends removing the ‘dbutil_2_3.sys’ driver by following the instructions on its website or installing the Dell Security Advisory DSA-2021-088 patch.
Dell claims that the vulnerable driver isn’t pre-loaded onto systems, but rather is installed when the user updates their computer’s firmware. It also says that someone would need to access the computer to take advantage of the bug, through malware, phishing, or being given remote access privileges. In any case, users should install any updates that Dell is pushing to their machines.
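For administrators acting on the recommendation to check for the driver file, the following Python script (an added example, not code from Dell, SentinelLabs or this article) searches the directories given on the command line for dbutil_2_3.sys and reports each copy's path, size and SHA-256 for triage. The search roots are an assumption: the article does not say where the file is written, so take the locations from Dell's advisory.

```python
import hashlib
import os
import sys

# File name taken from the article; everything else here is an assumption.
DRIVER_NAME = "dbutil_2_3.sys"


def sha256_of(path, chunk_size=65536):
    """Hash a file in chunks so large files do not load into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def find_driver(roots, name=DRIVER_NAME):
    """Return (findings, errors) for each copy of `name` under `roots`."""
    # Case-insensitive match, as Windows file names are. Unreadable paths are
    # recorded so a clean result can be told apart from an incomplete scan.
    findings, errors = [], []
    wanted = name.lower()
    for root in roots:
        walker = os.walk(root, onerror=lambda exc: errors.append(str(exc)))
        for dirpath, _dirnames, filenames in walker:
            for filename in filenames:
                if filename.lower() != wanted:
                    continue
                path = os.path.join(dirpath, filename)
                try:
                    findings.append({
                        "path": path,
                        "size": os.path.getsize(path),
                        "sha256": sha256_of(path),
                    })
                except OSError as exc:
                    errors.append(f"{path}: {exc}")
    return findings, errors


if __name__ == "__main__":
    found, problems = find_driver(sys.argv[1:] or [os.getcwd()])
    for item in found:
        print(f"FOUND {item['path']} size={item['size']} sha256={item['sha256']}")
    for problem in problems:
        print(f"UNREADABLE {problem}", file=sys.stderr)
    sys.exit(1 if found else 0)
```

The script exits with status 1 when at least one copy is found, so it can be run across a fleet from a management tool and the results filtered on exit code.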