Vulnerabilities in proprietary Dell software put almost all of the company’s laptops at risk
Researchers at SentinelLabs warned that five critical vulnerabilities were found in the firmware update system for Dell laptops. According to experts, the security breach affects all models of the company’s laptops produced since 2009.
It is reported that with the help of errors in proprietary software, attackers can gain access to devices at the OS kernel level and carry out various attacks. Multiple vulnerabilities were found in the dbutil_2_3.sys update module. This component is responsible for installing firmware at the BIOS level and is present in all Dell and Alienware mobile computers released since 2009.
Kasif Dekel, a cybersecurity specialist at SentinelLabs, reassures users and believes that millions of devices in the world are of more interest to attackers than the owners of the listed computers. However, this is not a reason to ignore critical vulnerabilities in the system. Moreover, Dell warned about this problem back in December 2020, but the company only recently released a guide to update computers and remove dangerous software.
Dell is one of the most popular brands globally, selling millions of laptops, desktops, and server systems annually to consumers and businesses alike. You can imagine what harm cyber criminals will do to the corporate segment if they take advantage of vulnerabilities in branded devices.