
Dell patches high-severity flaws in firmware update driver

SentinelOne discovered the flaws in Dell's firmware update driver in December. There's no evidence that hackers have exploited the 12-year-old vulnerabilities.

Dell has released a patch for five high-severity flaws discovered in a firmware update driver that companies could have used on hundreds of millions of Windows PCs since 2009.

This week, Dell released a fix that will detect and uninstall the vulnerable dbutil_2_3.sys driver from computers. The company said it will release a new version of the driver on May 10 with "enhanced features for enterprise customers."

There's no evidence that hackers have exploited the driver vulnerability, said security company SentinelOne, which discovered the flaws and reported them to Dell on Dec. 1.

Companies might have unwittingly installed the flawed driver while using a firmware update utility package. They also could have installed it using one of the vendor's tools. The utilities include Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent and Dell Platform Tags.

Companies can remove the flawed driver using the latest update of Dell's utilities or a unique removal tool released by Dell. The vendor has also released instructions for clearing the driver manually.

The high-severity rating is due to the number of PCs and tablets possibly affected by the vulnerabilities. A hacker could not exploit the flaws over the internet.

Instead, an attacker could use phishing emails to exploit another vulnerability and then chain that to the driver. A malicious actor could also access the driver by gaining local, authenticated access to the computer.

Dell has published an FAQ that provides more information on potential risks from the driver vulnerability.

Antone Gonsalves is the news director for the Networking Media Group. He has deep and wide experience in tech journalism. Since the mid-1990s, he has worked for UBM's InformationWeek, TechWeb and Computer Reseller News. He has also written for Ziff Davis' PC Week, IDG's CSOonline and IBTMedia's CruxialCIO, and rounded all of that out by covering startups for Bloomberg News. He started his journalism career at United Press International, working as a reporter and editor in California, Texas, Kansas and Florida. He can be found on Twitter at @AntoneG.
