A public service announcement for anyone who, like me, is using a years-old Dell computer as their primary machine: Dell has released a security patch for a security vulnerability affecting close to 400 different computer models manufactured between 2009 and right now. That’s, uh, a lot of laptops.
The vulnerability was discovered by security research firm SentinelLabs in a driver used by Dell and Alienware’s firmware update utilities. The flaw allows an attacker to access full kernel-level permissions in Windows. Dell’s information page says it has no evidence that the vulnerability has been exploited and that the attacker would have to have direct access to the computer to take advantage of the flaw. But that’s possible through malware, phishing, or granting remote access privileges to, say, someone pretending to be Dell customer service.
Be sure to check Dell’s list of affected computers if you think you fit the criteria. Some of the latest XPS 13 and 15 models are affected, as are Dell’s G-series gaming laptops. There’s also a list of mid-range Inspiron models from over the years and even some workstation towers.
Dell is pushing a security update via its update clients. The FAQ says to expect it by May 10. If you wish to remove affected the driver yourself, there are instructions at the link for locating it on both 32- and 64-bit versions of Windows.