Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security

Dell Patches 12-year-old Driver Vulnerability Impacting Millions of PCs (therecord.media) 23

Hundreds of millions of Dell desktops, laptops, notebooks, and tablets will need to update their Dell DBUtil driver to fix a 12-year-old vulnerability that exposes systems to attacks. From a report: The bug, tracked as CVE-2021-21551, impacts version 2.3 of DBUtil, a Dell BIOS driver that allows the OS and system apps to interact with the computer's BIOS and hardware. In a report published today and shared with The Record, security firm SentinelOne said it found a vulnerability in this driver that could be abused to allow threat actors access driver functions and execute malicious code with SYSTEM and kernel-level privileges. Researchers said the DBUtil vulnerability cannot be exploited over the internet to gain access to unpatched systems remotely. Instead, threat actors who gained initial access to a computer, even to a low-level account, could abuse this bug to take full control over the compromised PC -- in what the security community typically describes as a privilege escalation vulnerability.
This discussion has been archived. No new comments can be posted.

Dell Patches 12-year-old Driver Vulnerability Impacting Millions of PCs

Comments Filter:
  • ...since default uses on Windows systems already have admin rights.
    • by syn3rg ( 530741 )
      *users*
      My "r" must be saving itself for Sept 19th...
    • Yep. And, even in most businesses I deal with, we have to give the users local admin rights -- otherwise a LOT of software packages simply don't run right. Of course, the other point is that, unless you have all accounts locked down totally, USB disabled, BIOS password protected, and BitLocker enabled, then if someone has PHYSICAL access to the PC, it doesn't matter if you can use a privilege elevation attack anyway, because, with physical access, someone who knows what they are doing can basically get acc
      • by EndlessNameless ( 673105 ) on Tuesday May 04, 2021 @12:32PM (#61347094)

        And once you have machines locked down to that extent, the amount of actual work that people can do on them is often nearly none

        That's ancient bullshit.

        My employer has separate networks for business apps vs production, and both environments are functional for unprivileged users.

        There are a few special terminals for legacy apps, but those are relatively isolated.

        Unless you're swimming in legacy crud, it's not that hard. Even then, most legacy stuff can be virtualized and locked behind custom firewall and IPS rules.

      • You're doing it very wrong.

        It's perfectly possible since Windows 7, and perhaps earlier, for the vast majority of users to be able to run as a regular user with print administration. I had that running 7+ years ago at a Fortune 20 company with 50,000 users.

        Sure, there was a lot of annoying workaround stuff that needed to be done, but if your users don't have to install their own applications, a lot of necessary permissions are no longer necessary. Look into automated application delivery services such as

      • does BIOS password protected stop updates from running under dell update / windows update? Unless you use dells enterprise tools for bios?

    • And so it must be, because:

      a. Anything you want to do, you need admin rights.
      b. It is impossible to find out why things fail due to security or authentication failures in windows.

      I rarely needed admin rights on unix or linux, and when I did, sudo was more than adequate. On Windows, I'd have to use sudo every 5 minutes.

  • The only update available from Dell at the moment is to the power manager.

  • "in what the security community typically describes as a privilege escalation vulnerability."

    The word "typically" implies there is something else that a privilege escalation vulnerability might be called. I guess there's "pwning" but I've yet to see anyone use that in a news article.

Solutions are obvious if one only has the optical power to observe them over the horizon. -- K.A. Arsdall

Working...