If you or anyone you know has a Dell computer, old or new, they should probably update it right away. Dell just released a security patch that addresses multiple vulnerabilities in hundreds of its computers dating back to 2009.
Users that own a Dell or Alienware computer can assume it’s vulnerable to this problem; basically, everything from a brand new Dell XPS 15 or G3 gaming laptop to your parents’ old Dell computer that probably still runs Windows 7. Thankfully, Dell has a full list of affected models on its website detailing over 380 models.
To make matters worse, Dell confirmed almost 200 affected models no longer get service, which means some super old computers need a little extra TLC from owners or IT staff this week.
Apparently, one of Dell and Alienware’s firmware update utilities have a vulnerability that allows an attacker to gain increased system privileges, access the BIOS, and take over a machine. More specifically, the DBUtil BIOS driver. The vulnerability was found by SentinelLabs and reported to Dell back in December, but so far, it doesn’t look like these long-standing flaws have been exploited in the wild.
We recommend all owners fire up the Dell Update utility, check for updates, and promptly install anything shown. If you haven’t done this in a while, it could take a while, so be patient.
via: The Verge