Specialists in a security company have warned Dell users of very serious “flaws” in the firmware update driver.
Researchers at the security research company Sentinel Labs said that Dell’s firmware update operator has 5 very serious security flaws that may affect hundreds of millions of desktop computers, laptops, and tablets, according to the “Gatts” website. Technical.
The researchers added that there are errors in version 2.3 of the firmware update engine that has been in use since 2009, indicating that the launcher deals with firmware updates from Dell and Alienware via the Boyce utility, which is installed. Previously, across most Dell devices running Windows.
According to the Russian “Sputnik” agency, specialists confirmed that hundreds of millions of Dell devices have updates that are sent on a regular basis to both consumer and enterprise systems.
The researchers pointed out that the five errors are collectively tracked as “CVE-2021-21551”, explaining that they carry a CVSS severity rating of 8.8 out of 10, and because of these errors, the attacker can obtain full permissions at the kernel level in Windows.
And the “Dell” issued a security patch that fixes the security holes, as well as instructions on how to install it in case the computer is affected.