Dell security flaw from 2009 affects 'hundreds of millions' of PCs: How to fix it

Nuke them from orbit. It's the only way to be sure.

Credit: Gordon Mah Ung/IDG

First, the bad news: Security researchers recently discovered five high-severity flaws in Dell’s firmware update driver—and they’ve been pushed to customer computers ever since 2009. Now the good news: A fix is already (finally?) available for people who own Dell desktops, laptops, and tablets.

You’ll want to take advantage if you’re affected, as the secretive code won’t stay a secret for long.

“These multiple high severity vulnerabilities in Dell software could allow attackers to escalate privileges from a non-administrator user to kernel mode privileges,” writes Kasif Dekel, a security researcher at SentinelOne that sniffed out the vulnerability. That could let attackers bypass security software or assault the network of an organization that deploys Dell PCs. “Over the years, Dell has released BIOS update utilities which contain the vulnerable driver for hundreds of millions of computers (including desktops, laptops, notebooks, and tablets) worldwide.”

Yep, that’s bad news all right—but it might not be quite as bad as it sounds. “At this time, SentinelOne has not discovered evidence of in-the-wild abuse,” Dekel says. The company is withholding its proof-of-concept for the flaws until June 1 to give users time to get patched and protected.

Dell also says that “The vulnerability cannot be exploited remotely. A malicious actor must first obtain (local) authenticated access to your device.” The need for an attacker to be physically sitting at your computer greatly reduces the practical reach of potential exploits, though these remain critical flaws that should be patched.

On that note, Dell just published a security advisory about the vulnerabilities (collectively identified as CVE-2021-21551) that offers several methods to fix the issues. There’s also a helpful FAQ written in plainer language. You’ll need to eradicate the troublesome driver first, either by running the Dell Security Advisory Update - DSA-2021-088 utility or by manually removing the vulnerable dbutil_2_3.sys driver. By May 10, Dell’s system management apps (such as Dell Command Update, Dell Update, and Alienware Update) will also be able to perform the task. Nuking the file eliminates the threat.

Do it. “While we haven’t seen any indicators that these vulnerabilities have been exploited in the wild up till now, with hundreds of million of enterprises and users currently vulnerable, it is inevitable that attackers will seek out those that do not take the appropriate action,” Dekel says.

After that, you’ll need to install a fixed version of the software from Dell if you want to continue receiving firmware updates. Your system’s preinstalled Dell management app should handle the process, but the exact details will depend on your system’s configuration. Squashing a bug from 2009 is complicated!

Currently, a fixed Windows 10 driver is available, and Dell says one for Windows 7 and 8.1 systems will be posted by the end of July. Older Dell systems beyond their end-of-life don’t look like they’ll be fixed, so be sure to delete that vulnerable driver on those. Dell says the driver is only used by the firmware updater, not other system hardware or software, so removing it shouldn’t affect your system’s performance in any way.

We strongly recommend visiting Dell’s DSA-2021-088 security page for full details on the complex steps that are potentially needed to plug the hole (and to witness the truly staggering list of affected Dell computers). If you want more details about the flaws themselves, check out SentinelOne’s disclosure. And if all this vulnerability talk has the skin on the back of your neck crawling, our guide to the best Windows antivirus software can help ensure your system’s security is in tip-top shape.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Brad Chacos

Brad Chacos

PC World (US online)
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers

MSI P65

This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang

MSI GT76

It really doesn’t get more “gaming laptop” than this.

Jack Jeffries

MSI GS75

As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr

MSI PS63

The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Featured Content

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?