Dell Releases Fix for Decades-Old Vulnerability Affecting 100 Million PCs

  • Dell has fixed a vulnerability that loomed in its PCs for 12 years, and which they knew about for two.
  • The problem is a buggy BIOS driver that is present in about 100 million Dell computers.
  • The flaw could potentially open the way to denial of service, privilege escalation, and code execution.

Dell has released a fix for a vulnerability tracked as CVE-2021-21551, and which has a CVSS score of 8.8. The flaw exists in the dbutil_2_3.sys driver, which is typically found in Dell computers that have fetched a firmware, BIOS, or driver update via Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent, or Dell Platform Tags.

In practice, that would be about 100 million Dell computers that now need to get rid of the bad driver. To do that, you’ll either have to run another firmware update that will fetch Dell’s fixing patch or manually remove the driver by locating and deleting it.

Dell says they’re going to give a third option on May 10, 2021, when they’ll update the Dell notification solution to automatically download and apply the fixing patch. For this, though, you’ll need to ensure that the particular utility is configured to automatically download and apply updates. If you want to take care of the issue right now, just navigate to “C:\Users\\AppData\Local\Temp” and also “C:\Windows\Temp” and manually delete the “dbutil_2_3.sys” driver file.

The driver contains an insufficient access control vulnerability which could potentially lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required for the exploit to work, making it somewhat less critical - although still very important.

SentinelLabs, who discovered the flaw and reported it to Dell back in December 2020, says there are no indications that it is being exploited in the wild. However, now that the vulnerability has been published, crooks are expected to focus their efforts on scanning for unpatched systems. As the security firm explains, an attacker who has access to an organization’s network could execute code on unpatched Dell computers while bypassing security products, gain local elevation of privilege, and eventually pivot to the broader network.

Interestingly, the first vulnerable version of the DBUtil driver was released back in 2009, so CVE-2021-21551 remained undiscovered for 11 years and unpatched for 12. Even when the problem was reported to Dell, the computer maker initially thought of omitting the fixing effort since most of the affected products had reached EOL.

Eventually, Dell released a fix as the number of vulnerable systems was just too high to ignore the problem, and the negative publicity in the case of unpatched disclosure by SentinelLabs would be catastrophic. Dell workstations are found in a wide range of corporate environments, so updating them immediately should be non-negotiable.

How to Watch Interior Design Masters Season 4 Online from Anywhere
Fans of this reality show, which offers ambitious designers a chance to demonstrate their abilities and pursue their dreams of becoming professional...
How to Watch Rock The Block Season 4 Online: Stream the Renovation Series from Anywhere
Rock the Block, the smash hit home remodeling contest series, is back for its most fantastic season ever! The new six-episode season...
How to Watch Spring Baking Championship Season 9 Online: Stream the Cooking Competition from Anywhere
There’s no better way to welcome spring with some freshly baked goods, and that’s precisely how we’ll usher in the good weather...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari