Keeping your computer updated with the latest software is one of the best ways to protect yourself from hackers. But between specific software patches and operating system flaws, it can be daunting to stay on top of it. Tap or click here for steps to update your PC the right way.
Sometimes a patch here and there could slip through the cracks and would rarely have an impact on your machine. But a security flaw that has been unpatched for almost a decade is a completely different story.
And that is exactly the situation facing computer manufacturer Dell. Going as far back as systems made in 2009, a vulnerability came to light that could allow hackers to gain entry to a PC and take full control of it.
Here’s the backstory
Discovered by security researchers at Sentinel Labs, the five high severity flaws can be found in Dell’s firmware update driver. Almost all Dell machines are impacted, including desktops, laptops, notebooks and tablets.
Full disclosure: Dell is a sponsor of The Kim Komando Show.
The vulnerability allows hackers to exploit a loophole to break into a PC. This can lead to massive data losses and sensitive information being stolen.
“These multiple high severity vulnerabilities in Dell software could allow attackers to escalate privileges from a non-administrator user to kernel mode privileges. Over the years, Dell has released BIOS update utilities which contain the vulnerable driver for hundreds of millions of computers worldwide,” Sentinel Labs explained in a blog post.
In a security update from Dell, the company explains that the flaw is present on your computer if you have used Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent, or Dell Platform Tags. It will also be on your machine if you use any Dell notification solution for updated drivers, BIOS, or firmware for your system.
How to patch the flaw
NOTE: These steps can be complicated for some. If you’re not tech-savvy, you might want to wait for the updates that will be released in a few days instead of searching for drivers to delete. We have details on the updates later in this post.
Dell has released a fix for the issue and recommended that users delete the dbutil_2_3.sys driver from your system. Download and run the Dell Security Advisory Update utility to patch it.
Another option is to remove the file manually. You can search for the file through the Start menu or check the most likely location where it would be C:\Users\<username>\AppData\Local\Temp or C:\Windows\Temp.
Once you locate the file in the Windows folder, click on it once and simultaneously press Shift + Del. This will permanently delete the file from your system.
If you use Dell notification solutions, an update will be released on May 10, 2021. Download and run the Dell Security Advisory Update – DSA-2021-088 utility and the problem should be solved.
If you use Dell Command Update, Dell Update, or Alienware Update, the firmware will be updated automatically on your PC when it is available.