Better late than never, Dell fixes 12-year-old vulnerability affecting hundreds of millions of PCs

Hundreds of millions of Dell computers could have a vulnerability, according to a security study by SentinelLabs. Five loftier severity flaws were found in Dell's firmware update driver. These flaws affect Dell laptops, desktops, notebooks, and tablets. SentinelLabs states that hundreds of millions of Dell devices with the vulnerability take been released since 2009. Dell has released a security update to address the vulnerability.

The flaws in the firmware update are all assigned one Common Vulnerabilities and Exposures (CVE) number, simply SentinelLabs breaks them down into 5 flaws:

CVE-2021-21551: Local Superlative Of Privileges #one – Memory corruption

CVE-2021-21551: Local Elevation Of Privileges #two – Memory abuse

CVE-2021-21551: Local Elevation Of Privileges #3 – Lack of input validation

CVE-2021-21551: Local Summit Of Privileges #four – Lack of input validation

CVE-2021-21551: Denial Of Service – Code logic upshot

SentinelLabs already has a proof of concept to demonstrate how these issues can affect PCs but is withholding sharing it until June 1, 2022 to give people a risk to update.

The report from SentinelLabs explains the potential impact of the vulnerabilities:

The high severity flaws could allow any user on the computer, even without privileges, to escalate their privileges and run lawmaking in kernel way. Among the obvious abuses of such vulnerabilities are that they could exist used to bypass security products.

The report adds that an attacker with access to an organisation's network can also manage to execute code to gain local elevation of privilege.

Dell released a patch for the vulnerabilities and explains them in great detail in a back up document.

SentinelLabs states that it hasn't seen any indication that the vulnerabilities have been exploited in the wild, but warns that "with hundreds of millions of enterprises and users currently vulnerable, it is inevitable that attackers will seek out those that do not take the advisable action."

Nosotros may earn a commission for purchases using our links. Learn more.

Post-launch roadmap for Final Fantasy XIV: Endwalker revealed

Future plans for FFXIV

Post-launch roadmap for Last Fantasy XIV: Endwalker revealed

The latest Alphabetic character from the Producer livestream has merely aired, and it comes with a plethora of news for Final Fantasy Fourteen. This includes plans for updating all the master scenario quest dungeons, improving the graphics, implementing new sidequests, and much more than.

Enjoy a bigger display

The all-time docks for your Dell XPS 13

The Dell XPS 13 is a fantastic Ultrabook, merely what if you want to utilize it desktop-fashion? You're going to want to get yourself a laptop dock for that. Here are some of our favorites.