Security Vulnerabilities in Dell Laptops

449

Dell Laptops are said to be exhibiting some vulnerabilities in their software that hackers could exploit to gain remote access say security experts from Sentinel Labs. Report released by the firm says that the discovered flaw is actually an amalgamation of 5 different flaws that are present on the Dell BIOS Utility Driver called DBUtil and has been in place since 2009.

Researchers say that the DBUtil drivers that are responsible to update BIOS in desktops and laptops of Dell are containing two memory corruption glitches, two input validation features and one logic flaw that could be targeted by a distributed denial of service attacks.

Meaning, the systems supplied by Dell could be used as botnets to launch DDoS attacks and other such malware related phishing campaigns as any app with no admin privilege can request the Dell BIOS Utility server and gain high-level system permissions.

Sentinel Labs says that Dell has been supplying millions of desktops and laptops to its customers with such flaws and has failed to patch the vulnerabilities from the past 12 years.

Previously, another firm related to Cybersecurity disclosed about the flaw to Dell in December 2020 and urged the computing giant to issue some fixes. It has also obliged the request and issued 3 fixes to its laptop and desktop users early this year in association with its business partner Microsoft.

However, only those systems that have opted for automatic updates have received the fix and those which need the admin indulgences are still lying vulnerable to hackers.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security