Dell security flaw dating back to 2009 impacts hundreds of millions of laptops — How to patch it

We often see vulnerabilities in Windows 10 or macOS that have been around for a couple of years, but it's rare to see a security flaw that has been kicking around unnoticed for more than a decade. Unfortunately, that's the case with a new flaw found in a Dell BIOS driver.

Security researchers at SentinelLabs uncovered the problem and notified Dell in December of 2020; the company now has a patch available for you to fix the vulnerability (via TechRadar).

The security flaw is a collection of five vulnerabilities discovered by SentinelLabs in the dbutil_2_3.sys driver. Two were memory corruption issues, two were security failures caused by a lack of input validation, and the last was a logic issue that could be leveraged for a denial-of-service. The good news is that, according to Dell, there has been no evidence to date that the flaw was exploited in the wild despite its longevity.

However, now that it has been identified, it is advisable to patch the problem as soon as possible. As you can imagine, the number of laptops and desktops impacted over the course of twelve years is significant, likely in the hundreds of millions.

You can find the full list of systems that are affected on Dell's advisory page for the vulnerability. That is also where you will find the full instructions on how to both remove the dbutil_2_3.sys driver and obtain the new driver. Dell also has a helpful FAQ page for the vulnerability that should clear up any additional questions.