If you have a Dell laptop, there might be a security issue that could allow hackers to gain access to your device. The security issue has reportedly affected at least 380 models of Dell laptops, including the high-end XPS and Alienware models released since 2009. Dell has started to fix the problem now. Ideally, users should update their laptops to avoid being exposed to the vulnerability.
The vulnerability is said to be in the driver (dbutil_2_3.sys) that Dell laptops use to update firmware. The Dell Support page states that this driver has utility packages and software tools for Dell client firmware updates. The vulnerability could “result in a privilege escalation, denial of service, or information disclosure.” You may be affected if you have applied a BIOS, Thunderbolt, TPM, or Dock firmware update to your system.
The Dell support page lists all of the laptops affected by the issue, including various models including the XPS 15 and Alienware laptops. If your laptop is on the list, you can use the update already released by the company.
Various laptops that are part of this list are classified as “out of service” by the company. Dell and other security researchers believe these devices may not be affected. Windows Update does not install the dbutil_2_3.sys driver, which is the affected driver, according to Dell.
This means that if you have never updated your laptop with the Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent, or Dell Platform Tags, your device may not be affected by this issue. Hackers also need physical or remote access to your laptop in order to take advantage of this problem. The driver in question is only installed with firmware updates and is not preinstalled.
Here’s how to find out if your Dell laptop is affected
If you think your device has become a victim of such an issue, the first thing to do is to manually remove the driver (dbutil_2_3.sys) or download and run the Dell Security Advisory Update – DSA-2021-088.
Then you need to update the firmware of your Dell laptop. the Dell Command Update, Dell Update, or Alienware Update, if applicable.
Updating the firmware to the latest version will prevent the driver from being reintroduced into the system as indicated by Dell.
Dell has also stated that the issue has been resolved for all new laptops and PCs currently shipping except those that ship with Dell Command Update, Dell Update, or Alienware Update. These are updated automatically the first time you run the laptop.