Dell has been releasing a firmware update driver since 2009 that contains "five high severity flaws," according to security researchers at Sentinel Labs. The issue could affect hundreds of millions of PC, but the PC maker has now addressed the issue with a security patch, according to a Dell security advisory update.
The flaw (in a file called DBUtil) is actually a connection of five vulnerabilities, collectively tracked as CVE-2021-21551. Four of the flaws lead to privilege escalation and one leads to denial of service. Some 380 models are affected, ranging from desktops to the latest Alienware and Dell laptops. If you own a Dell computer, even one no longer being supported, there's a good chance that it's on the list.
There's no evidence to date of the vulnerability being exploited in the wild. According to Dell's FAQ, an attacker would need local access to your machine to exploit the hack or trick the user via phishing or other means. On top of that, it would only affect the PC if you've updated the firmware, as the driver in question isn't preloaded on PCs.
Sentinel Labs researchers have provided technical information about the flaw but are holding back details on exploitation to give users time to patch. If you think your PC might be affected, follow Dell's guide to address the vulnerability here.
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Article From & Read More ( Dell driver vulnerability affects hundreds of millions of PCs - Engadget )https://ift.tt/3xNK215
Bagikan Berita Ini
0 Response to "Dell driver vulnerability affects hundreds of millions of PCs - Engadget"
Post a Comment