First, the bad news: Security researchers recently discovered five high-severity flaws in Dell’s firmware update driver—and they’ve been pushed to customer computers ever since 2009. Now the good news: A fix is already (finally?) available for people who own Dell desktops, laptops, and tablets.
You’ll want to take advantage if you’re affected, as the secretive code won’t stay a secret for long.
“These multiple high severity vulnerabilities in Dell software could allow attackers to escalate privileges from a non-administrator user to kernel mode privileges,” writes Kasif Dekel, a security researcher at SentinelOne that sniffed out the vulnerability. That could let attackers bypass security software or assault the network of an organization that deploys Dell PCs. “Over the years, Dell has released BIOS update utilities which contain the vulnerable driver for hundreds of millions of computers (including desktops, laptops, notebooks, and tablets) worldwide.”