Dell Driver vulnerability

"Vulnerable Dell driver puts hundreds of millions of systems at risk"

- A driver that’s been pushed for the past 12 years to Dell computer devices for consumers and enterprises contains multiple vulnerabilities that could lead to increased privileges on the system.

- A collection of five flaws, collectively tracked as CVE-2021-21551, have been discovered in DBUtil, a driver from that Dell machines install and load during the BIOS update process and is unloaded at the next reboot.

- Dell has prepared a security advisory for this vulnerability.

- The remedy is a fixed driver but the researcher says that at the moment of writing the report the company had not revoked the certificate for the vulnerable driver, meaning that an adversary on the network can still use it in an attack.

https://www.bleepingcomputer.com/ne...puts-hundreds-of-millions-of-systems-at-risk/

---

Good ole Dell!

Here is Dell's Security Advisory - https://www.dell.com/support/kbdoc/...ver-insufficient-access-control-vulnerability

 

Dell releases a critical security update for hundreds of millions of computers notebookcheck.net | 05 May 20121

Dell has released a new security update that closes a critical vulnerability that has been around for twelve years. In total, more than 380 different notebook and desktop models are affected, including some current XPS and Alienware notebooks....

Yeah, Dell struggle with security... More here http://forum.notebookreview.com/thr...ts-and-incidents.816109/page-28#post-10989928

 

I've always uninstalled/never used the command update utilities, and I pick and choose the drivers/updates I want/need on a fresh install.