If you own a Dell branded Windows PC, you probably need to update your computer ASAP. The leading PC manufacturer has released a patch that fixes five “serious” bugs. This issue affects hundreds of Dell models released since 2009 and affects Microsoft operating systems from Windows 7 to the latest flagship operating system – Windows 10.
The vulnerability was discovered by Sentinel Labs security experts, who shared their findings in an online post.
Dell laptops, desktops, notebooks and tablets are affected by the driver vulnerability, which can lead to an escalation of permissions or denial-of-service attacks.
Fortunately, there is no evidence that the bug is being exploited in the wild. According to Dell, a bad actor would either need local access to a machine or trick a victim with a phishing attack to carry out the hack.
READ MORE: Changing this Windows 10 setting could seriously harm your PC
Commenting on the risk of these vulnerabilities, Sentinel Labs said, “These high-severity vulnerabilities, which have been present on Dell devices since 2009, affect hundreds of millions of devices and millions of users worldwide.
“While we haven’t seen any evidence of any of these vulnerabilities being exploited in the wild. There are currently hundreds of millions of businesses and users at the vulnerability. However, it is inevitable that attackers will seek out those who don’t take appropriate action.” Our reason for publishing this study is to help not only our customers but also the community understand the risk and take action. “
If you have a Dell computer and are concerned that you may have been affected, the good news is that a patch has been released.
You can visit the Dell website for a full list of affected computers and download the update required to resolve the issue.
The operating systems affected by the vulnerability are Windows 7, Windows 8.1, and Windows 10. As for the affected Dell computers, some 381 supported Dell devices are at risk from the vulnerability.
Among the lines affected are the XPS, Inspiron, and some Dell Dock devices, as well as many others. 195 Dell platforms that have reached the end of their service life are also affected by the bug, including seven Alienware computers.
Dell has recommended that affected customers update their computers as soon as possible. The vulnerability has been classified as CVE-2021-21551 and has a CVSS score of 8.8. The CVSS scale is a ranking system that is used to rate the severity of security vulnerabilities in the computer system.
The now patched Dell vulnerability is not far from being classified as the highest possible threat – critical. Description of the problem Dell said: “The Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability that could result in privilege escalation, denial of service, or information disclosure. Local authenticated user access is required. “
