A serious security flaw could make a wide range of Dell PCs, tablets and laptops vulnerable to hackers. Although there haven't been any known instances of Dell computers being exploited through the said security flaw so far, experts still urge users to take the necessary steps in patching the vulnerability as soon as possible.
Most Dell computers come pre-installed with antivirus software to deter hackers from utilizing exploits that could wreak havoc. Computers that don't have any antivirus software, but run on the Windows operating system, are still secured by the platform's built-in Microsoft Defender program. However, things can get tricky if a major vulnerability lies in a prominent driver that's being used in updates for many years. It only takes one security vulnerability for a hacker to snoop on an unsuspecting user's computer, and unfortunately for Dell users, a certain driver is inadvertently providing malicious attackers with even easier means of taking over.
According to SentinelLabs, a research group that provides analysis and solutions to various cybersecurity threats and OS security flaws, millions of Dell devices are at currently risk. This is due to a vulnerable component within a program responsible for Dell firmware updates. Since most Dell devices running on Windows, such as laptops, desktops, tablets and notebooks, from 2009 to today, come pre-installed with this program, it's likely that most units also have the troublesome module known as firmware update driver version 2.3 (or “dbutil_2_3.sys”) as well. What makes the driver particularly dangerous is that it allows any non-privileged user -- those without administrative rights -- to communicate with it. This makes it possible for a hacker to interact with a Dell user's hardware, such as making unwanted changes to their HDD storage drive or GPU. In turn, this can jeopardize the personal information or corporate profiles of any user with a Dell computer.
How To Fix This Dell Security Vulnerability
Some vulnerability fixes take a lot of time, but for this particular situation, Dell users have more than one way to remedy the problem. Based on Dell's support page, the easiest solution is for users to simply set their Dell SupportAssist to automatically download and apply updates, although it is worth noting that the fix won't be available through this method until May 10, 2021. Another option is to directly download and run the Dell Security Advisory Update DSA-2021-088.
For those without internet, they can also opt to manually remove the vulnerable module themselves by opening file explorer and deleting the “dbutil_2_3.sys” file, which can be found in either Windows\Temp or Users\<insert_username>AppData\Local\Temp addresses. While researchers have yet to find any indication of this vulnerability having been exploited yet, the potential damage it can do is still quite alarming, based on the magnitude of those affected, from 2009 desktops to today's portable high-end models.
Source: SentinelLabs, Dell