If you or someone you know has a Dell computer, old or new, they probably need to update it right away. Dell has just released a security patch that fixes multiple vulnerabilities in hundreds of its computers dating back to 2009.
Users who own a Dell or Alienware computer can assume that it is vulnerable to this issue; basically everything from a brand new Dell XPS 1
To make matters worse, Dell confirmed that nearly 200 affected models will no longer receive service, meaning some super old computers will need some extra TLC from owners or IT staff this week.
Apparently, one of Dell’s and Alienware’s firmware update programs has a vulnerability that could allow an attacker to gain more system privileges, access the BIOS, and take over a machine. More specifically the DBUtil BIOS driver. The vulnerability was found by SentinelLabs and reported to Dell in December, but so far it doesn’t appear that these long-standing flaws have been exploited in the wild.
We recommend that all owners run the Dell Update utility, check for updates, and immediately install anything that appears. If you haven’t done this in a while, it may take a while, so be patient.
via: The Verge