Dude, Get a Security Update for Your Dell PC
Are you still tech-savvy since 2009 or so? Maybe an old processor or motherboard that sits in a box in your closet “just in case” you need a backup? What about Dell? If you, or someone you care about, is still using a Dell computer made anytime between Barack Obama’s first presidential term and now, you should check to make sure you don’t need an important security update. that just dropped out.
The update resolves a vulnerability in the dbutil_2_3.sys Windows driver that Dells says “may have been installed on your Dell Windows operating system when you used the firmware update utility packages, Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent. , or Dell platform tags, including when using any Dell notification solution to update drivers, BIOS or firmware for your system. “
You are strongly encouraged to uninstall the specified driver using Dell’s handy utility and install updated software to prevent the unwanted driver from re-appearing on your system in the future. The vulnerability, with a CVSS severity of 8.8 out of 10, “could lead to escalation of privileges, denial of service, or information disclosure,” Dell describes. (Although it’s worth noting that “local authenticated access” to a computer is necessary for an attacker to exploit this vulnerability to their advantage – either personally or through some kind of malware / phishing / remote access exploit.)
To get started, download and run the Dell Security Advisory Update utility – DSA-2021-088, which should locate and remove dbutil_2_3.sys for you. You can also find this file manually. It can appear in one of two places:
- C: \ Users \ <user name> \ AppData \ Local \ Temp
- C: \ Windows \ Temp
If or when you find the file yourself, just press Shift + Delete to hide it.
You can also wait until May 10, after which running a regular system update using any of Dell’s built-in tools such as SupportAssist or Dell Update will automatically install and run the DSA-2021-088 utility. You will need to run one of these tools anyway to install the aforementioned new firmware update, which will prevent this old vulnerable driver from returning to your system.
To keep things simple, I’ll probably just wait until May 10th. Check and install any system updates that Dell asks you to run this week. If it is not, then you are in luck and your system has not been harmed. (You can also check if scanning for your particular Dell system is not affecting you among the 380 affected computers Dell lists on this page .)
Just in case, run the update tools next week, whether you find your system on this list or not. It never hurts to have the most modern computer you can get – software and firmware. Silver lining to it all? According to Dell , the company “is still not aware of the use of this vulnerability by cybercriminals.” So this is not an update that needs to be stopped, but still something that you want to turn to.