This driver file may have been installed on your Dell Windows operating system when you used firmware update utility packages, Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent, or Dell Platform Tags, including when using any Dell notification solution to update drivers, BIOS, or firmware for your system. The vulnerability exists in the dbutil_2_3.sys driver. Table A at the bottom of that advisory also has a list of affected Dell computer models. The Dell security advisory DSA-2021-088: Dell Client Platform Security Update for an Insufficient Access Control Vulnerability in the Dell dbutil Driver (last updated 0) states the following and includes instructions on how to locate and remove the vulnerable dbutil_2_3.sys driver, if present. However, it allows threat actors and malware to gain persistence on the infected system. This type of vulnerability is not considered critical because an attacker exploiting it needs to have compromised the computer beforehand. Five flaws in oneĪ collection of five flaws, collectively tracked as CVE-2021-21551, have been discovered in DBUtil, a driver from that Dell machines install and load during the BIOS update process and is unloaded at the next reboot. It is estimated that hundreds of millions of Dell computers, from desktops and laptops to tablets, received the vulnerable driver through BIOS updates. From Ionut Ilascu's 0 Bleeping Computer article Vulnerable Dell Driver Puts Hundreds of Millions of Systems at Risk:Ī driver that’s been pushed for the past 12 years to Dell computer devices for consumers and enterprises contains multiple vulnerabilities that could lead to increased privileges on the system.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |