Dell has posted a patch to fix five critical 12-year-old security vulnerabilities. They concern hundreds of millions of the brand’s computers with nearly 400 different models.
If you own a Dell computer, regardless of its range, it is necessary to apply the latest security patch made available by the manufacturer. A big fix following the discovery of five security failures important. They affect 380 models of the brand, whether they are computers desktops, laptops and even those from the Alienware range for gamers.
Older models are also affected by these flaws and will accept this patch. Of these five faults, four can cause a elevation of privileges, in other words, the hacker has the necessary permissions to modify the system and to implant his viral loads as he sees fit. Another flaw can cause a denied service. The security company does not give more details on the methods that could be employed given the number ofcomputers affected by this vulnerability.
Faults dating back to 2009
These flaws were discovered by Kasif Dekel, a cybersecurity researcher at SentinelOne. He was investigating the safety of the driver allowing the firmware to be updated for hundreds of millions of computers. Dell. This pilot, used since 2009, had these five flaws since its inception. Worrisome when we know that the brand is a big supplier of computers to companies. Before being revealed in a blog post a few days ago, these vulnerabilities were presented to Dell in early December. The brand has therefore taken care to make a patch to seal these five breaches at once.
According to Dell, there is no evidence that this vulnerability was exploited by hackers. Information also confirmed by SentinelOne. It must be said that to carry out the attack, the hacker must have local access to the computer, which makes this kind of maneuver unlikely, even if, in fact, the flaw dates back 12 years. In all cases, the firm encourages on the other hand to apply the corrective present in the security notice. DSA-2021-088.
Interested in what you just read?
