Dell Issues Security Patch to Bug Affecting Hundreds of Millions of Computers
All Dell PCs, tablets and notebooks from 2009 are potentially affected
- Dell has released a security patch to fix a loophole potentially affecting hundreds of millions of its PCs, tablets and notebook since 2009.
- The patch is a fix to a security loophole in a driver packaged with firmware update utility packages and tools.
- It affects over 300 models from the company including recent devices like XPS 13 and 15.
- If you're one of the affected users, remove the dbutil_2_3.sys driver from your computer immediately and install the latest update for your model.
Computer manufacturer Dell has issued a security patch to a “high-impact” Kernel bug affecting potentially hundreds of millions of its PCs, tablets, and notebooks. This loophole is available in all of the company’s computers since 2009.
The patch is a fix to a security loophole in a driver packaged with firmware update utility packages and tools. The insufficient access control vulnerability, Dell says, may lead to escalation of privileges, denial of service, or information disclosure.
The bug has been available in the driver for 12 years unnoticed and was recently discovered by security research firm SentinelLabs.
On the bright side, Dell and SentinelLabs say there’s no evidence that the bug has been exploited in the wild, despite the longevity of its existence.
The precise models of affected computers are listed on Dell’s website. It includes lots of computers from the company across several series, including G, Inspiron, Latitude, OptiPlex, Precision, Vostro, XPS, Alienware, and more.
In total, there are over 300 models affected, including recent models like XPS 13 and 15 and flagship gaming laptops like the 2020 Alienware 17 51m r2.
High chances are your Dell computer is affected, too.
Dell notes the affected dbutil_2_3.sys driver file “may have been installed on your Dell Windows operating system when you used firmware update utility packages, Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent, or Dell Platform Tags, including when using any Dell notification solution to update drivers, BIOS, or firmware for your system.”
In other words, the driver is not pre-installed on its computers.
If you’re one of the affected users, remove the dbutil_2_3.sys driver from your computer immediately, via either of the three options listed on its website.
Then, download and install the latest firmware update utility package(s), Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent, or Dell Platform Tags as applicable.
Check Dell’s website for more details.
Follow us on Telegram, Twitter, Facebook, or subscribe to our weekly newsletter to ensure you don’t miss out on any future updates. Send tips to firstname.lastname@example.org.