Dell has recently released a new security patch that fixes security vulnerabilities affecting several Dell devices going back to 2009. The security researchers from SentinelLabs found a vulnerability present in a Dell driver and Alienware’s firmware update. This vulnerability allows the attacker to gain full kernel-level permissions in Windows.
Five vulnerabilities have been found and hundreds of millions of Dell computers including desktops, tablets, and laptops have got affected. The devices received the vulnerable driver through the BIOS updates. The five bugs found are:
- LPE No.1: Due to memory corruption
- LPE No.2: Again due to memory corruption
- LPE No.3: Because of lack of input validation
- LPE No.4: Also due to lack of input validation
- Denial of service flaw because of a code-logic issue
The security flaws have remained under the cover for 12 years. According to SentinelLabs, these bugs can bypass the security products, execute code, and can pivot to other parts of the network for lateral movement.
The local privilege escalation bugs can not be exploited remotely over the internet. For a successful attack, an adversary needs access to a non-administrator account on a vulnerable system, following which the driver vulnerability can be exploited to gain the local elevation of privilege. The threat actor after gaining access can even leverage other tactics to execute arbitrary code and laterally move across the network.
Both Dell and the security research firm SentinelLabs say that there isn’t any evidence of the vulnerability that the hackers exploit. Also, according to Dell, the vulnerable driver isn’t pre-loaded on the systems. It is installed when the user updates their computer’s firmware.
Follow this link if your device is on the list of affected computers. Dell’s website has more than 380 models including the latest XPS 13 and 15 models along with G3, G5, and G7 gaming laptops.
