720-891-1663
Return to the list of client alerts
Dell laptops, desktops and tablets built since 2009 running Windows can be exploited to grant attackers system admin permissions and then completely own the computer.
It is being reported that there are hundreds of millions of computers at risk. Now that hackers know about this, assume that there will be attacks.
This is possible due to FIVE vulnerabilities in Dell’s dbutil driver.
The good news is that the exploit can only be done by an application running on the machine, which means that an attacker needs to somehow get her software on the computer. That does not seem like that hard a task.
There will be a patch available soon.
Now here is the bad news. THE BUGS HAVE BEEN AROUND FOR 12 YEARS AND ONLY NOW ARE BEING PATCHED.
In Dell’s advisory, they recommend removing the driver.
The driver could have been installed via Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent, Dell Platform tags and other software.
Dell has a command line utility to delete the driver and there is a SILENT option, so businesses can push it via GPO. If you are running the Dell System Inventory Agent you have to download the replacement driver first.