You got a Dell PC, all-in-one, laptop or desktop … then you need to get the latest firmware!
Taken from Engadget … Dell has been releasing a firmware update driver since 2009 that contains “five high severity flaws,” according to security researchers at Sentinel Labs. The issue could affect hundreds of millions of PC, but the PC maker has now addressed the issue with a security patch, according to a Dell security advisory update.
The flaw (in a file called DBUtil) is actually a connection of five vulnerabilities, collectively tracked as CVE-2021-21551. Four of the flaws lead to privilege escalation and one leads to denial of service. Some 380 models are affected, ranging from desktops to the latest Alienware and Dell laptops. If you own a Dell computer, even one no longer being supported, there’s a good chance that it’s on the list.
There’s no evidence to date of the vulnerability being exploited in the wild. According to Dell’s FAQ, an attacker would need local access to your machine to exploit the hack or trick the user via phishing or other means. On top of that, it would only affect the PC if you’ve updated the firmware, as the driver in question isn’t preloaded on PCs.
Source: Engadget