A huge security flaw has been found in Dell’s latest dbutil driver (version 2.3) that can allow hackers to escalate privileges on a Dell machine, cause a denial of service and access sensitive information. The flaw, which requires physical access to a machine, could potentially affect hundreds of thousands of Dell systems.
Several months ago, a security researcher at Sentinel Labs found the flaws in the dbutil driver with the help of Process Hacker, a program that can debug software and detect malware. The researcher found 5 bugs in all: two memory corruptions, a security issue that allows the driver to interact with non-elevated processes, and a code logic issue that can result in a denial of service.
Perhaps the worst part of it all is that the dbutil driver is over 12 years old. A list of affected Dell computers can be found here.
Fortunately, the dbutil driver isn’t critical to your system; rather, it’s a utility driver that works with Dell Command Update, Dell Update, Alienware Update, and other Dell updating programs to update your drivers and firmware.
Uninstalling the driver shouldn’t be a problem, and Dell is already on top of the situation with plenty of ways to uninstall the affected driver listed here. The link will also show you how to install the patched version of the driver that doesn’t have any security flaws.
The implications of this situation could be huge: all modern Dells use Dell’s updating software to update drivers and firmware, so this bugged driver could already be on tens to hundreds of thousands of Dell machines.
Microsoft and Dell were able to fix the issues and bring out a new version yesterday. Hopefully, the driver gets pushed to as many Dell systems as possible.