It was revealed this week that Dell is in the process of updating hundreds of PC models to address a security bug affecting machines dating all the way back to 2009. The vulnerability allows an attacker to gain kernel-level permissions in Windows.
The vulnerability was found by security firm Sentinel Labs and while no evidence of this vulnerability being exploited has been found, a fix is still needed. The vulnerability exists in the ‘dbutil_2_3.sys' driver and would have been installed on Dell PCs via a firmware update through one of Dell's applications, such as Dell Command Update or Alienware Update.
The vulnerability exists on 380 Dell PC models, including recent XPS systems and older PCs dating as far back as 2009, although an attacker would need physical access to the PC in order to exploit it.
Updated firmware is now rolling out to address the issue. If you have a Dell PC, it would be worth opening up Dell Command Update, Dell Update, Alienware Update, or installing the latest version of Dell System Inventory Agent or Dell Platform Tags to ensure your system is secure. Alternatively, you can find the affected file and delete it manually.
Discuss on our Facebook page, HERE.
KitGuru Says: This vulnerability has been flying under the radar for a long time now, but fortunately a fix has finally arrived. If you own a Dell system, be sure to update and stay secure.