May 4, 2021 04:47 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/3Fhl9RRzPWs/dell-patches-12-year-old-driver-vulnerability-impacting-millions-of-pcs
Dell Patches 12-year-old Driver Vulnerability Impacting Millions of PCs
Hundreds of millions of Dell desktops, laptops, notebooks, and tablets will need to update their Dell DBUtil driver to fix a 12-year-old vulnerability that exposes systems to attacks. From a report: The bug, tracked as CVE-2021-21551, impacts version 2.3 of DBUtil, a Dell BIOS driver that allows the OS and system apps to interact with the computer's BIOS and hardware. In a report published today and shared with The Record, security firm SentinelOne said it found a vulnerability in this driver that could be abused to allow threat actors access driver functions and execute malicious code with SYSTEM and kernel-level privileges. Researchers said the DBUtil vulnerability cannot be exploited over the internet to gain access to unpatched systems remotely. Instead, threat actors who gained initial access to a computer, even to a low-level account, could abuse this bug to take full control over the compromised PC -- in what the security community typically describes as a privilege escalation vulnerability.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/3Fhl9RRzPWs/dell-patches-12-year-old-driver-vulnerability-impacting-millions-of-pcs
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot