Issued: Thursday, 6 May, 2021 |
Last Revision: Thursday, 6 May, 2021 |
Vendor: |
Product: |
Severity Level: |
Summary:
A new vulnerability (CVE-2021-21551) has been discovered in Dell's dbutil_2_3.sys driver and could lead to escalation of privileges, denial of service, or information disclosure. In order to exploit the vulnerability, local authenticated user access is required. The affected driver file could have been installed on Dell Windows operating systems when performing firmware updates using utility packages, Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent, or Dell Platform Tags, including when using any Dell notification solution to update drivers, BIOS or firmware.
Recommendation:
The following instructions have been listed on the advisory by the vendor, please refer to the original vendor advisory for more details.
Dell recommends removing the dbutil_2_3.sys driver from the system by following one of three options listed below:
- Option 1 (Recommended): Download and run the Dell Security Advisory Update – DSA-2021-088 utility.
- Option 2: Manually remove the vulnerable dbutil_2_3.sys driver:
- Step A: Check the following locations for the dbutil_2_3.sys driver file
- C:\Users\<username>\AppData\Local\Temp
- C:\Windows\Temp
- Step B: Select the dbutil_2_3.sys file and hold down the SHIFT key while pressing the DELETE key to permanently delete.
- Step A: Check the following locations for the dbutil_2_3.sys driver file
- Option 3 (available by May 10, 2021): If you use one of the Dell notification solutions, you can use it to obtain and run the Dell Security Advisory Update – DSA-2021-088 utility.
- Scenario 1: If your Dell notification solution is configured to automatically notify you of updates, and configured to automatically download and apply them, then this utility is automatically downloaded and applied for you.
- Scenario 2: If your Dell notification solution is not configured to automatically download and apply updates, obtain the utility via one of the Dell notification solutions , by clicking “Check for Updates”, and then selecting and applying Dell Security Advisory Update – DSA-2021-088.
In order to prevent reintroduction of a vulnerable dbutil driver, obtain and run a remediated firmware update utility package, Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent or Dell Platform Tags as applicable.