Multiple Security Flaws Discovered in Dell BIOS Drivers

by Timothy Higbie
Desktop & Applications Architect

Security researcher SentinelLabs recently discovered multiple security vulnerabilities in Dell’s BIOS firmware update driver.   These vulnerabilities have been in place since 2009 and affect 100s of millions of Dell PCs.  An attacker could use these BIOS vulnerabilities to elevate local kernel-mode privileges.  Such a privilege elevation could be used to bypass security software to gain control of a system, and potentially other systems on the network.

Dell responded to SentinelLabs report by issuing a remediation patch to close the security holes in the BIOS driver.  It is recommended that all Dell customers deploy this patch as soon as possible.

The Dell patch and security bulletin can be found here: DSA-2021-088: Dell Client Platform Security Update for an Insufficient Access Control Vulnerability in the Dell dbutil Driver | Dell US

If you would like more information or assistance from our industry-leading team of Desktop experts, please contact us at service@helient.com.