Security News

A high-severity series of four vulnerabilities can allow remote adversaries to gain arbitrary code execution in the pre-boot environment on Dell devices, researchers said. When BIOSConnect attempts to connect to the backend Dell HTTP server to perform a remote update or recovery, it enables the system's BIOS to reach out to Dell backend services over the internet.

Security researchers have found four major security vulnerabilities in the BIOSConnect feature of Dell SupportAssist, allowing attackers to remotely execute code within the BIOS of impacted devices. According to Dell's website, the SupportAssist software is "Preinstalled on most Dell devices running Windows operating system," while BIOSConnect provides remote firmware update and OS recovery features.

Apple's brand new AirTag product got hacked already. Why Dell patched a bunch of driver bugs going back more than a decade.

If you are nervous about removing system files by hand, the company has published a download page with an automatic driver remover with the remarkable name of Dell-Security-Advisory-Update-DSA-2021-088 7PR57 WIN 1.0.0 A00.EXE. Unfortunately, just removing the old driver is not enough on its own, because the old firmare update utility left behind on your computer may inadvertently reinstall the buggy driver, thus reintroducing the bug. If you can't yet do step 2, remember to repeat step 1 every time that you run the old firmware updater, in case the update process itself quietly reinstalls the old driver.

PC maker Dell has issued an update to fix multiple critical privilege escalation vulnerabilities that went undetected since 2009, potentially allowing attackers to gain kernel-mode privileges and cause a denial-of-service condition. The issues, reported to Dell by researchers from SentinelOne on Dec. 1, 2020, reside in a firmware update driver named "Dbutil 2 3.sys" that comes pre-installed on its devices.

Dell desktops, laptops, and tablets built since 2009 and running Windows can be exploited to grant rogue users and malware system-administrator-level access to the computers. Essentially, Dell's driver accepts system calls from any user or program on a machine; there are no security checks nor an access control list to see if the caller is sufficiently authorized or privileged.

Five high-severity security flaws in Dell's firmware update driver are impacting potentially hundreds of millions of Dell desktops, laptops, notebooks and tablets, researchers said. The multiple local privilege-escalation bugs exist in the firmware update driver version 2.3 module, which has been in use since 2009.

Owners of Dell devices were informed on Tuesday that a firmware update driver present on a large number of systems is affected by a series of high-severity vulnerabilities. Dell says the vulnerabilities, caused by insufficient access control issues, can be exploited by a local, authenticated attacker for privilege escalation, denial of service, or information disclosure.

A driver that's been pushed for the past 12 years to Dell computer devices for consumers and enterprises contains multiple vulnerabilities that could lead to increased privileges on the system. It is estimated that hundreds of millions of Dell computers, from desktops and laptops to tablets, received the vulnerable driver through BIOS updates.

The VMware Special Committee of independent directors and Dell Technologies have agreed to terms in which VMware will be spun-off from Dell Technologies. Dell Technologies stockholders will receive a pro-rata distribution of VMware shares held by Dell Technologies, and Michael Dell and Silver Lake Partners will own direct interests in VMware.