Dell Security Advisory - Critical Vulnerability in Dell Computers Announced

Tags Security

NOTE: This incident is ongoing and changing. We will post updates as we learn more, so check back frequently for updates. Last update 1:04 PM 5/7/2021

Dell recently disclosed a critical security vulnerability that allows an attacker to take over a Windows computer completely. They have issued urgent instructions on how to protect yourself.

If you own a Dell laptop or Dell desktop with Windows 10, please take the following steps: 

  1. Download and run the Dell Security Advisory Update – DSA-2021-088 utility. 
  2. If you are unable to use the utility, manually check for the dbutil_2_3.sys  driver and remove it if it is there. 

Step 2a: Check the following locations for the dbutil_2_3.sys driver file 

  • C:\Users\<username>\AppData\Local\Temp 
  • C:\Windows\Temp 

Step 2b: Select the dbutil_2_3.sys file and hold down the SHIFT key while pressing the DELETE key to permanently delete.  
 

If Windows reports that it cannot delete the file because “The file is open or in use,” you can rename the file to dbutil_2_3.xxx, using the following command: 

rename DBUtil_2_3.sys DBUtil_2_3.xxx 

Then reboot. After you reboot, you can delete the renamed file. 

NOTE: You must have administrator privileges to see and delete the file.

If you use an ITS-managed Dell laptop or Dell desktop, you do not need to take these steps as ITS will be performing this remediation automatically starting May 6. NOTE: you will need to be connected via VPN for at least one hour to ensure you receive the deployment. If you are uncertain if your computer is impacted, please reach out to ITS by submitting a ticket through this service request: https://helpcenter.mines.edu/TDClient/1946/Portal/Requests/ServiceDet?ID=30099.

Q: How can I check to see if I received the deployment?
A: Check for the existence of the file using the steps detailed in Step 2a above. If the file is not in either directory, your computer is not vulnerable.

More information from Dell can be found at the following links: 

Details

Article ID: 133003
Created
Wed 5/5/21 4:01 PM
Modified
Fri 5/7/21 1:04 PM