A critical security vulnerability has existed in numerous Dell notebooks and desktop models for 12 years. The company has now provided a critical security update for these.
Hundreds of models affected
The vulnerability affects more than 380 different notebook as well as desktop models, including current XPS and Alienware notebooks. The critical vulnerability, which has existed for some time, is now to be closed with the Client Platform Security Update (version number DSA-2021-088). This concerns the driver “dbutil_2_3.sys”, which is installed via Dell’s firmware tool. Dell’s current computers are no longer shipped with this vulnerability.
Attack surface for malware
With the prevailing vulnerability, unauthorized people, according to information from Threatpost, could execute a kernel-level code with admin privileges, bypassing the security mechanisms that are supposed to prevent such an action. Through this loophole, it would be quite easy to install malware without the user’s knowledge and consent. So far, however, no case is known in which the malware was installed through the vulnerability in order to exploit it.
Dell has now also published a current list with the affected models that have the critical vulnerability. The company has also included a comprehensive description of the existing gap. According to estimates from SentinelLabs, a total of hundreds of millions of computers are said to be affected by the vulnerability.
Update to protect
Dell recommends that users of the listed models install the update as soon as possible before a malware incident occurs. This will prevent cyber criminals from exploiting the existing vulnerability. So far, the update to close the gap can only be manually downloaded. Next Monday, May 10, the software will then also be distributed automatically via Dell’s Software Update Tool.