![]() The release notes for the latest v2.1.0_A02 of this utility only states that the executable (Dell-Security-Advisory-Update-DSA-2021-088_DF8CW_WIN_2.1.0_A02.EXE) " will detect and uninstall the dbutil_2_3.sys driver from the system" and as far as I know that's all it does on home consumer products. Sorry, I don't know if the executable that runs when the Dell Security Advisory Update - DSA-2021-088 utility is delivered via Dell Update or Dell SupportAssist actually installs anything on the hard drive. So, I'm curious if I can find the supposedly installed Security Advisory Update. I noted in post # 2362948 of Microfix's Dells Bells on Horseback in the AskWoody Lounge that I was unable to find a dbutil_2_3.sys file in either C:\Windows\Temp or the hidden C:\Users\\AppData\Local\Temp when I checked back on 0, but added that it was possible that a custom disk clean I ran with CCleaner Portable v5.79 that cleans both these temp folders might have previously removed dbutil_2_3_sys from those folders.ĭell Inspi* 64-bit Win 10 Pro v20H2 build 19042.985 * Dell 5583/5584 BIOS v1.12.0 * Dell SupportAssist v3.8.1.23 * Dell Update v4.1.0 Step B: Select the dbutil_2_3.sys file and hold down the SHIFT key while pressing the DELETE key to permanently delete. ![]() Step A: Check the following locations for the dbutil_2_3.sys driver file Option 2: Manually remove the vulnerable dbutil_2_3.sys driver: 1) as an urgent update, which confirms that this patch is recommended for my Inspiron 5584.ĭell Inspi* 64-bit Win 10 Pro v20H2 build 19042.928 * Dell 5583/5584 BIOS v1.12.0 * Dell SupportAssist v3.9.0.234 * Dell Update v4.1.0Ĭurious, what's dbutil_2_3.sys install path?Īccording to Step 1 of the remediation instructions posted in the security advisory DSA-2021-088: Dell Client Platform Security Update for an Insufficient Access Control Vulnerability in the Dell dbutil Driver (i.e., prior to the 1 release of the automated Dell Security Advisory Update – DSA-2021-088 utility): The support page for my Inspiron 5584 also lists the Dell Security Advisory Update - DSA-2021-088 (now v2.0.0_A02, rel. 2) recommended in that table was installed on 0. ![]() Kudos to Microfix for posting about this in the AskWoody Lounge yesterday at Dells Bells on Horseback!.ĭell Inspi* 64-bit Win 10 Pro v20H2 build 19042.928 * Dell 5583/5584 BIOS v1.12.0 * Dell SupportAssist v3.8.1.23 * Dell Update v4.1.0ĭell SupportAssist v3.9.0 delivered an update today (0) for “Dell Security Advisory Update – DSA-2021-088” so I assume I’m patched now for the DBUtil driver vulnerability described in DSA-2021-088: Dell Client Platform Security Update for an Insufficient Access Control Vulnerability in the Dell dbutil Driver.įurther to my 0 post, my Inspiron 5584 is listed as an affected model in Table 1 of the DSA-2021-088: Dell Client Platform Security Update for an Insufficient Access Control Vulnerability in the Dell dbutil Driver security advisory. To best protect yourself, Dell recommends removing the dbutil_2_3.sys driver from your system by following one of three options listed in Remediation Step 1 below. This driver file may have been installed on your Dell Windows operating system when you used firmware update utility packages, Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent, or Dell Platform Tags, including when using any Dell notification solution to update drivers, BIOS, or firmware for your system. The vulnerability exists in the dbutil_2_3.sys driver. Table A at the bottom of that advisory also has a list of affected Dell computer models. The Dell security advisory DSA-2021-088: Dell Client Platform Security Update for an Insufficient Access Control Vulnerability in the Dell dbutil Driver (last updated 0) states the following and includes instructions on how to locate and remove the vulnerable dbutil_2_3.sys driver, if present. However, it allows threat actors and malware to gain persistence on the infected system. This type of vulnerability is not considered critical because an attacker exploiting it needs to have compromised the computer beforehand. Five flaws in oneĪ collection of five flaws, collectively tracked as CVE-2021-21551, have been discovered in DBUtil, a driver from that Dell machines install and load during the BIOS update process and is unloaded at the next reboot. It is estimated that hundreds of millions of Dell computers, from desktops and laptops to tablets, received the vulnerable driver through BIOS updates. From Ionut Ilascu's 0 Bleeping Computer article Vulnerable Dell Driver Puts Hundreds of Millions of Systems at Risk:Ī driver that’s been pushed for the past 12 years to Dell computer devices for consumers and enterprises contains multiple vulnerabilities that could lead to increased privileges on the system.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |