Millions of Dell PCs dating back more than a decade are potentially impacted by a security flaw leaving them vulnerable to cyberattacks, according to a new report from security research firm SentinelLabs. Dell has released a security patch to address the vulnerability, one available for dozens of systems ranging from the Inspiron to its latest XPS machines.
The issue revolves around a firmware update driver found on Dell’s various laptops, tablets, and desktop PCs, according to the new report. The security company says that ‘hundreds of millions’ of Dell computers released since 2009 may contain this risky driver, which features ‘five high severity flaws’ addressed by the newly released security patch.
The issue is said to impact ‘most’ of Dell’s Windows machines released since 2009 — though, despite the duration of this vulnerability, the firm says there’s no evidence that it has been exploited in the wild. Dell was informed about the issue back in December 2020, giving it time to get a security patch ready before news of the problem went live.
Though SentinelLabs has shared the technical details about this vulnerability, it says that it won’t publish its proof of concept until June 1, giving Dell PC owners time to install the security patch first. The driver is installed when the user updates their computer’s firmware; Dell details who is at risk, as well as other FAQ, in its own advisory.
If you own a Dell laptop, you should head over to the company’s DSA-2021-088 security advisory update and scan the list of compatible systems to determine whether you can install the security patch. Hundreds of Dell PC models are listed, including newer machines like the XPS 13 and 15.