Dell driver vulnerability affects hundreds of millions of PCs

Dell is issuing a patch for 380 models going back to 2009.

Sponsored Links

A Dell logo is pictured on the front of a computer in this photo illustration in the Manhattan borough of New York October 12, 2015. Computer maker Dell Inc said on Monday it had agreed to buy data storage company EMC Corp in a $67 billion record technology deal that will unite two mature companies and create an enterprise technology powerhouse.   REUTERS/Carlo Allegri
Carlo Allegri / reuters

Dell has been releasing a firmware update driver since 2009 that contains "five high severity flaws," according to security researchers at Sentinel Labs. The issue could affect hundreds of millions of PC, but the PC maker has now addressed the issue with a security patch, according to a Dell security advisory update

The flaw (in a file called DBUtil) is actually a connection of five vulnerabilities, collectively tracked as CVE-2021-21551. Four of the flaws lead to privilege escalation and one leads to denial of service. Some 380 models are affected, ranging from desktops to the latest Alienware and Dell laptops. If you own a Dell computer, even one no longer being supported, there's a good chance that it's on the list. 

There's no evidence to date of the vulnerability being exploited in the wild. According to Dell's FAQ, an attacker would need local access to your machine to exploit the hack or trick the user via phishing or other means. On top of that, it would only affect the PC if you've updated the firmware, as the driver in question isn't preloaded on PCs. 

Sentinel Labs researchers have provided technical information about the flaw but are holding back details on exploitation to give users time to patch. If you think your PC might be affected, follow Dell's guide to address the vulnerability here

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Popular on Engadget