Dell has released a security patch that fixes a security vulnerability influencing numerous Dell computers returning to 2009, alongside instructions on the most proficient method to install it if your computer is influenced (by means of threatpost). The vulnerability, found by security research firm SentinelLabs, is available in a driver used by Dell and Alienware’s firmware update utilities, and it permits an attacker to acquire full kernel-level permissions in Windows.
On the off chance that you have a Dell computer, there’s a decent possibility it very well may be vulnerable — the list of influenced computers on Dell’s website has more than 380 models on it, including some of the most recent XPS 13 and 15 models, and the G3, G5, and G7 gaming laptops. Dell additionally lists just about 200 influenced computers that it considers to be no longer receiving service.
Both Dell and SentinelLabs say that they haven’t seen proof of the vulnerability being misused by hackers, in spite of the way that it’s been around for such a long time. Dell’s FAQ shows that somebody would must have access to your computer somehow or another to take advantage of the bug, which they could get through malware, phishing, or being granted remote access advantages.
It is additionally important that, as per Dell, the vulnerable driver isn’t pre-loaded on systems — all things considered, it gets installed when the client updates their computer’s firmware.
All things considered, regardless of whether you don’t remember doing anything like that, you ought to presumably add opening the Dell or Alienware Update utility and installing anything accessible to your to-do list today.