Dell fixes 5 bugs in millions of computers going back to 2009


New Delhi, May 5 (IANS): Dell has issued a security patch for millions its computers dating back to 2009, after cybersecurity research firm SentinelLabs found five serious bugs in Dell and Alienware software that allow hackers to gain full permissions in Windows on the devices.

These high-severity vulnerabilities, which have remained present and undisclosed for 12 years in Dell devices for 12 years, affect hundreds of millions of devices and millions of users worldwide.

"The impact this could have on users and enterprises that fail to patch is far reaching and significant," said Kasif Dekel, Senior Security Researcher at SentinelOne.

While the cybersecurity firm has not seen any indicators that these vulnerabilities have been exploited in the wild up till now, with hundreds of million of enterprises and users currently vulnerable, "it is inevitable that attackers will seek out those that do not take the appropriate action".

The list of affected Dell computers has over 380 models, including some of the latest XPS 13 and 15 models, and the G3, G5, and G7 gaming laptops.

Dell has also listed almost 200 affected computers that it considers to be no longer receiving service.

Both Dell and SentinelLabs, however, stressed they haven't seen evidence of the vulnerability being exploited by hackers.

The high severity flaws could allow any user on the computer, even without privileges, to escalate their privileges and run code in kernel mode.

"Among the obvious abuses of such vulnerabilities are that they could be used to bypass security products," the report said.

An attacker with access to an organisation's network may also gain access to execute code on unpatched Dell systems and use this vulnerability to gain local elevation of privilege. Attackers can then leverage other techniques to pivot to the broader network, like lateral movement.

"These multiple high-severity vulnerabilities in Dell software could allow attackers to escalate privileges from a non-administrator user to kernel mode privileges," the report noted.

 

  

Top Stories


Leave a Comment

Title: Dell fixes 5 bugs in millions of computers going back to 2009



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.