Categories: Gadgets

Dell users, your laptop or desktop may have these security flaws

If you have a Dell laptop, desktop or a tablet, chances are that it might have severe security vulnerabilities.
Dell has confirmed this and even released a security update to fix the flaw.
The flaws were discovered by security research firm Eclypsium in the BIOSConnect feature in Dell laptops.
The issue affects 129 Dell models of consumer and business laptops, desktops, and tablets, including devices protected by Secure Boot and Dell Secured-core PCs.
“Our research has identified a series of four vulnerabilities that would enable a privileged network attacker to gain arbitrary code execution within the BIOS of vulnerable machines,” says the security research firm in a press release.
The vulnerabilities, as per the security research firm, were found on March 2.
The firm immediately notified Dell on March 3.
“These vulnerabilities enable an attacker to remotely execute code in the pre-boot environment.
Such code may alter the initial state of an operating system, violating common assumptions on the hardware/ firmware layers and breaking OS-level security controls,” the research firm says.
Almost every Dell series of computers have been affected.
Dell has published the list of all the affected models, which include Dell Inspiron, Latitude, Optiplex and Precision series among others.
Dell, on the other hand, has released a security patch to fix the flaws but users will have to update it manually.
“Dell recommends all customers update to the latest Dell Client BIOS version at the earliest opportunity,” the company said on its support page.
Eclypsium explained how these flaws could give hackers control of devices.
“The specific vulnerabilities covered here allow an attacker to remotely exploit the UEFI firmware of a host and gain control over the most privileged code on the device.
This combination of remote exploitability and high privileges will likely make remote update functionality an alluring target for attackers in the future, and organizations should make sure to monitor and update their devices accordingly,” the firm explained.

news2in

Share
Published by
news2in

Recent Posts

44 ordered to attack the procession

Ludhiana: The police have submitted FIR to four identified and at least 40 unknown attackers…

3 years ago

Punjab: Police Reject conspiracy theory in the case of Deep Sidhu

Sonīpat / Ludhiana / Ambala: Actor Punjabi - Activist Activist Deep Sidhu, who died in…

3 years ago

Punjab: Hidden Strength Working Behind PM Narendra Modi, Arvind Kejriwal, said Rahul Gandhi

PATIALA / MANSA / BARNALA: Attacking Prime Minister Narendra Modi and AAP National Convener Kejriawal,…

3 years ago

BJP made AAP to endanger the Congress, said Ajay

Jalandhar: BJP and AAM AAM AADMI parties are one party, Secretary General of the Ajay…

3 years ago

Our job is to make Punjab No. 1 State: Meenakshi Lekhi

Ludhiana: Minister of Union Culture Meenakshi Lekhi while campaigning to support the BJP candidate from…

3 years ago

Feb 20 is an opportunity to change the destiny of Punjab and his children: Bhagwant Mann

Machhiwara (Ludhiana): AAM AAM AADMI Party (AAP) Head of Punjab Candidate and Members of Parliament…

3 years ago