A high-priority security flaw has been discovered in the dbutil_2_3.sys driver included with Dell Client firmware update utility packages and tools, and it has to be remediated as soon as possible. To eliminate this security risk, the dbutil_2_3.sys file, which can be found in C:\Users\<username>\AppData\Local\Temp, has to be removed either manually or by running the Dell Security Advisory Update – DSA-2021-088 utility. More information about this issue can be found here.
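One way to carry out the manual check across every user profile on a machine, as an added example (not code from the original post or from Dell). The script name `Find-DbUtil.ps1` and the `-UsersRoot` and `-Remove` parameters are hypothetical; it assumes profiles live under C:\Users and that it is run from an elevated PowerShell session.

```powershell
# Find-DbUtil.ps1 (hypothetical name) - added example, not Dell's utility.
# Reports dbutil_2_3.sys in each profile's AppData\Local\Temp; deletes only with -Remove.
[CmdletBinding()]
param(
    [string]$UsersRoot = 'C:\Users',   # assumption: default profile root
    [switch]$Remove                    # without this switch the script only reports
)

$driverName = 'dbutil_2_3.sys'

# Walk every profile directory, including hidden ones, and look in its Temp folder.
$found = foreach ($userDir in Get-ChildItem -LiteralPath $UsersRoot -Directory -Force -ErrorAction SilentlyContinue) {
    $candidate = Join-Path $userDir.FullName "AppData\Local\Temp\$driverName"
    if (Test-Path -LiteralPath $candidate -PathType Leaf) {
        $item = Get-Item -LiteralPath $candidate -Force
        # Record the hash before any deletion so the finding can be documented.
        $hash = Get-FileHash -LiteralPath $item.FullName -Algorithm SHA256 -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Path     = $item.FullName
            Modified = $item.LastWriteTime
            SHA256   = $hash.Hash
            Removed  = $false
        }
    }
}

if ($Remove) {
    foreach ($f in $found) {
        try {
            Remove-Item -LiteralPath $f.Path -Force -ErrorAction Stop
            $f.Removed = $true
        } catch {
            # Deletion can fail, for example when the file is in use or access is denied.
            Write-Warning "Could not remove $($f.Path): $($_.Exception.Message)"
        }
    }
}

if ($found) {
    $found | Format-Table -AutoSize -Wrap
} else {
    Write-Output "No $driverName found under $UsersRoot"
}
```

Run it once without `-Remove` to see what is present, then again with `-Remove` to delete the files it listed.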
To exploit this issue, physical access to the computer is required. The computer has to be rebooted into the Intel Management Engine BIOS Extension (MEBx). This is easily done by pressing Ctrl+P when the Dell logo is displayed during boot. There is then a big chance that the default password has not been changed (the default password is: admin), and the attacker can get into the computer's Intel AMT and set it up for remote attack. And indeed I was able to confirm the issue on a Dell notebook (Latitude E7450). To disable Intel AMT on a Dell computer, follow the instructions here.