Security researchers at SentinelOne have come across a vulnerable driver that leaves Dell computers running Windows 7, 8.1 and 10 open to attack. After a successful attack, attackers could acquire kernel rights and thus take control of the system. There are currently no reports of attacks.
The security researchers state that the problematic driver dbutil_2_3.sys has been in use since at least 2009 on hundreds of millions of Dell computers. The driver is installed if you use the tools Alienware Update, Dell Command Update, Dell Update, Dell System Inventory Agent or Dell Platform Tags, for example, to bring the BIOS up to date. Linux computers from Dell are not affected.
The vulnerability (CVE-2021-21551) is rated with a threat level of "high". The main problem is that the driver processes input/output control (IOCTL) requests from non-privileged users without any access control list (ACL) requirements. Since the driver runs with far-reaching rights, attackers could acquire kernel rights with crafted IOCTL requests, the security researchers warn. However, an attacker must already have access to the PC.
Remove the driver immediately!
In a security advisory, Dell states that it has now fixed the driver. There, the computer manufacturer also lists the affected models. Owners of such computers should make sure that they remove the driver from the system immediately. This is done by installing a tool. Anyone who is unsure whether the vulnerable driver is present on their Windows system can simply install the tool. According to Dell, doing so has no negative effects. Affected users should also make sure that they have installed up-to-date versions of the update tools, for example Dell System Inventory Agent 22.214.171.124.
In an FAQ article, Dell has compiled answers to the most important questions about the security problem. There you can find information about the fixed versions and the procedures for protecting affected computers.
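A read-only way to check a Windows system for the driver file named above, as an added example that is not from Dell, SentinelOne or the original article. It assumes PowerShell 4 or later; the search root is a parameter because the article gives no file path, and the parameter and property names are made up for this example.

```powershell
# Added example: inventory check for the driver file named in the article.
# Assumption: the article gives no file path, so the default scans the whole
# system drive; pass -SearchRoot to narrow the scan.
param(
    [string[]]$SearchRoot = @("$env:SystemDrive\"),
    [string]$DriverFile   = 'dbutil_2_3.sys'
)

# 1. Copies of the driver file on disk, with hash and signature for triage.
$onDisk = @(
    Get-ChildItem -Path $SearchRoot -Filter $DriverFile -File -Recurse -Force `
                  -ErrorAction SilentlyContinue |
    ForEach-Object {
        $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
        [pscustomobject]@{
            Path      = $_.FullName
            Modified  = $_.LastWriteTime
            SHA256    = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
            Signer    = $sig.SignerCertificate.Subject
            SigStatus = $sig.Status
        }
    }
)

# 2. Kernel driver services whose image path points at that file.
#    A file on disk is only a leftover; a registered or running service
#    means the driver can be (or is) loaded into the kernel.
$services = @(
    Get-CimInstance -ClassName Win32_SystemDriver |
    Where-Object { $_.PathName -like "*$DriverFile*" } |
    Select-Object Name, State, StartMode, PathName
)

# 3. One summary object per host, suitable for Export-Csv or remote collection.
[pscustomobject]@{
    ComputerName  = $env:COMPUTERNAME
    FileFound     = $onDisk.Count -gt 0
    ServiceFound  = $services.Count -gt 0
    DriverRunning = @($services | Where-Object { $_.State -eq 'Running' }).Count -gt 0
    Files         = $onDisk
    Services      = $services
}
```

Run it from an elevated prompt so the scan can read other users' profile and temp directories; without elevation, unreadable folders are skipped silently and a copy of the file can be missed.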