Dell has issued a patch to fix over decade-old security flaws found in many of its devices, along with a list of instructions for affected customers.
The security flaws, of which there are five, were revealed publicly by cybersecurity company SentinelLabs in a blog post (via ThreatPost) on May 4, although its initial report to Dell was made in December 2020. They were said to have existed inside Dell’s firmware update driver, with “hundreds of millions of Windows devices worldwide” that were released since 2009 having the vulnerable driver. The flaws would have allowed attackers to access kernel-mode privileges, the blog post explained.
On the Dell side, the company provided the following description for the issue: “Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.”
Dell wrote that the driver “may have been installed on your Dell Windows operating system when you used firmware update utility packages, Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent, or Dell Platform Tags, including when using any Dell notification solution to update drivers, BIOS, or firmware for your system.”
SentinelLabs said that it hadn’t “seen any indicators that these vulnerabilities have been exploited in the wild up till now”, but added that it was “inevitable that attackers will seek out those that do not take the appropriate action”.
Dell’s support page lists hundreds of models, including nearly 200 end-of-service devices, as being affected by the vulnerability. The more recent models that are affected include 2020’s Alienware 17 51m r2 and 2019’s Alienware Area 51.