Millions of Dell laptops, desktops at risk of cyber-attacks due to a bug in a preinstalled software
By MYBRANDBOOK
Dell has found a flaw in laptops and desktops that could have allowed cyber attackers to gain access to the systems. The cybersecurity research team by Sentinel Labs, which spotted the vulnerability, says that millions of Dell laptops and desktops are at risk due to this. The team says that the flaw could have led to a range of cyber-attacks, including a complete system takeover by the hackers. The vulnerability was found in the form of a bug in a pre installed software in Dell laptops and desktops.
As per a report on the vulnerability, the bug could have allowed hackers to get admin-level access to a PC. Once hackers gain this access, they could possibly have installed malware deep inside the system so as to lock a user out of his own machine. The bug was found in the Dell BIOS Utility driver, called DBUtil. A module inside the DBUtil driver is responsible for delivering BIOS updates on Dell laptops and desktops. The security team reported five flaws with the module in the report.
Two of these are memory corruption glitches, two are input validation failures and one logic flaw. Collectively, these flaws could be exploited by hackers for attacking and taking over a target system. The team at Sentinel Labs explains that the Dell BIOS Utility server could be requested by any app or service to gain high-level system permissions. It highlights that even the apps without administrator privileges were able to do so.
The report points out that the shortcoming of the driver was due to the absence of an ‘access control list’. Such lists help restrict non-admin level apps from gaining high-level system access for important tasks. But since that has not been used by Dell, the exposed function control could provide a hacker with such a high-level system access.
However, there is no evidence of anyone abusing the vulnerability as of now. The findings were reported to Dell on December 1 last year. Since then, Dell has released a security update to its customers to address this vulnerability.
BREAKING NEWS
TECHNO TRENDS
Nazara and ONDC set to transform in-game monetization with ‘
Nazara Technologies has teamed up with the Open Network for Digital Comme...
Jio Platforms and NICSI to offer cloud services to government
In a collaborative initiative, the National Informatics Centre Services In...
BSNL awards ₹5,000 Cr Project to RVNL-Led Consortium
A syndicate led by Rail Vikas Nigam Limited (abbreviated as RVNL), along wi...
Pinterest tracks users without consent, alleges complaint
A recent complaint alleges that Pinterest, the popular image-sharing platf...
E-Magazine
TECHNOTAINMENT
Netflix adds 'Moments' feature for saving, sharing scenes from
Netflix has introduced a new “Moments” feature on its mobile app, whic
Jacqueline Fernandez come together with YouTuber Mr. Beast for
Jacqueline Fernandez has partnered with American YouTuber Mr. Beast to b
MOVERS & SHAKERS
Visa elevates Rishi Chhabra as new Country Manager for India
Rishi holds a Master’s in Industrial Engineering from The Ohio State Univ
Genesys welcomes Albert Nel as Senior VP and Regional Sales Le
Genesys continues to deepen its investment in the APAC region. Earlier this
OPEN YOUR EYES
INTERVIEWS
Acer addresses evolving customer needs by consistently pushing
Acer offers a comprehensive range of products under one roof, including des
In India, 88% of Indian business leaders are planning to inves
As we move through 2024, it has become increasingly clear that AI is not ju
HOT PICK
SonicWall Launches TZ80: A Powerful Solution for Remote Office
SonicWall announced today the launch of the TZ80, a groundbreaking securit
Gigabyte X3D Turbo: A Gaming Revolution
GIGABYTE X3D Turbo Mode is a cutting-edge feature that unifies cores distr
MAKE IN INDIA BRANDS
ZOHO CORPORATION PVT. LTD.
ACER INDIA PVT. LTD.
WIPRO LTD.
TATA CONSULTANCY SERVICES
EMINENT CIO'S OF INDIA
ICONS OF INDIA
Icons Of India : Girish Mathrubootham
Girish Mathrubootham is the Founder of Freshworks (previously known ...
Icons Of India : Dr. Arvind Gupta
Arvind Gupta is the Head and Co-Founder of the Digital India Foundatio...
Icons Of India : Deepak Sharma
Deepak Sharma spearheads Schneider Electric India. He brings with him ...
PARTNER SPEAKERS
PSU
HPCL - Hindustan Petroleum Corporation Ltd.
HPCL is an integrated oil and gas company involved in refining, market...
GSTN - Goods and Services Tax Network
GSTN provides shared IT infrastructure and service to both central and...
IREDA - Indian Renewable Energy Development Agency Limited
IREDA is a specialized financial institution in India that facilitates...
VIDEOS
Top 25 Brands
Global Indian industry
Indian Tech Talent Excelling The Tech World - Aman Bhutani, CEO, GoDaddy
Aman Bhutani, the self-taught techie and CEO of GoDaddy, oversees a co...
Indian Tech Talent Excelling The Tech World - REVATHI ADVAITHI, CEO- Flex
Revathi Advaithi, the CEO of Flex, is a dynamic leader driving growth ...
Indian Tech Talent Excelling The Tech World - ARVIND KRISHNA, CEO – IBM
Arvind Krishna, an Indian-American business executive, serves as the C...
STARNITE AWARDS 2024
ITFORUM 2024
CMO of the Year
WOMEN LEADERSHIP
IMAGE GALLERY
TRENDS IN TECHNOLOGY
MORE VIDEOS
ADVERTISEMENTS
TECHNOLOGY DISRUPTION
UNICORNS REVOLUTIONISING
