Security News
Recently released Dell BIOS updates are reportedly causing serious boot problems on multiple laptops and desktop models. Impacted models include Dell Latitude laptops, as well as Dell Inspiron 5680 and Alienware Aurora R8 desktops.
Intel has disclosed two high-severity vulnerabilities that affect a wide range of Intel processor families, allowing threat actors and malware to gain higher privilege levels on the device. The former concerns the insufficient control flow management in the BIOS firmware for some Intel processors, while the latter relies on the improper input validation on the same component.
ASUS has released BIOS updates for over two hundred motherboard models to automatically enable the built-in TPM 2.0 security process so that users can upgrade to Windows 11. When Microsoft first announced Windows 11, one of the biggest surprises was the new requirement that computers would need a TPM 2.0 security processor to install or upgrade to the new operating system.
Lenovo this week published information on three vulnerabilities that impact the BIOS of two of its desktop products and approximately 60 laptop and notebook models. Tracked as CVE-2021-3452 and affecting tens of ThinkPad models, the first of the bugs impacts the system shutdown SMI callback function and could be abused by a local attacker that already has elevated privileges on the device to execute arbitrary code.
A chain of four vulnerabilities in Dell's SupportAssist remote firmware update utility could let malicious people run arbitrary code in no fewer than 129 different PCs and laptops models - while impersonating Dell to remotely upload a tampered BIOS. A remote BIOS reflasher built into a pre-installed Dell support tool, SupportAssist, would accept "Any valid wildcard certificate" from a pre-defined list of certificate authorities, giving attackers a vital foothold deep inside targeted machines - though Dell insists the exploit is only viable if a logged-in user runs the SupportAssist utility and in combination with a man-in-the-middle attack. Updates for SupportAssist are available from Dell to mitigate the vulns, which infosec firm Eclypsium reckons affect about 30 million laptops and PCs. The company, which blogged about the vulns, said: "Such code may alter the initial state of an operating system, violating common assumptions on the hardware/firmware layers and breaking OS-level security controls."
A chain of four vulnerabilities in Dell's SupportAssist remote firmware update utility could let malicious people run arbitrary code in no fewer than 129 different PCs and laptops models - while impersonating Dell to remotely upload a tampered BIOS. A remote BIOS reflasher built into a pre-installed Dell support tool, SupportAssist, would accept "Any valid wildcard certificate" from a pre-defined list of certificate authorities, giving attackers a vital foothold deep inside targeted machines - though Dell insists the exploit is only viable if a logged-in user runs the SupportAssist utility and in combination with a man-in-the-middle attack. Updates for SupportAssist are available from Dell to mitigate the vulns, which infosec firm Eclypsium reckons affect about 30 million laptops and PCs. The company, which blogged about the vulns, said: "Such code may alter the initial state of an operating system, violating common assumptions on the hardware/firmware layers and breaking OS-level security controls."
Cybersecurity researchers on Thursday disclosed a chain of vulnerabilities affecting the BIOSConnect feature within Dell Client BIOS that could be abused by a privileged network adversary to gain arbitrary code execution at the BIOS/UEFI level of the affected device. In all, the flaws affect 128 Dell models spanning across consumer and business laptops, desktops, and tablets, totalling an estimated 30 million individual devices.
An estimated 30 million Dell computers are affected by several vulnerabilities that may enable an attacker to remotely execute code in the pre-boot environment, Eclypsium researchers have found. The vulnerabilities affect 128 Dell models of consumer and business laptops, desktops, and tablets, including devices protected by Secure Boot and Dell Secured-core PCs. The problem resides in the BIOSConnect feature of Dell SupportAssist, a solution that comes preinstalled on most Windows-based Dell machines and helps users troubleshoot and resolve hardware and software problems.
A high-severity series of four vulnerabilities can allow remote adversaries to gain arbitrary code execution in the pre-boot environment on Dell devices, researchers said. When BIOSConnect attempts to connect to the backend Dell HTTP server to perform a remote update or recovery, it enables the system's BIOS to reach out to Dell backend services over the internet.
PC maker Dell has issued an update to fix multiple critical privilege escalation vulnerabilities that went undetected since 2009, potentially allowing attackers to gain kernel-mode privileges and cause a denial-of-service condition. The issues, reported to Dell by researchers from SentinelOne on Dec. 1, 2020, reside in a firmware update driver named "Dbutil 2 3.sys" that comes pre-installed on its devices.