It’s time to head over to Windows settings to check for updates and lean hard into Dell’s own update wizard (installed on all modern Dell laptops) as well. SentinelLabs has sadly run into a pretty large vulnerability the affects nearly 400 Dell and Alienware laptops dating back 12 years (2009 through now).
A firmware update utility seems to be the cause of the mess, which allows an attacker to gain full access to your system. They do have to have access to the system, let it be physically or via remote access (or a trojan infecting the system), in order to be able to take advantage of this. However, with everything going on right now, that isn’t so hard to do.
The list of affected models is pretty big this time around (you find the entire list here). Covering everything from the companies Inspiron models all the way to its XPS line. You’ll also find Dell G-Series as well as Alienware in vast quantities. In fact, most of the laptops we have on-site are Dell, and only one single model out of the mix was missing from the list (and yet likely still worth looking to see if any update pop up).
The security update to patch this is actually going out via Dell’s own update wizard, so checking Windows’ own update engine is only an extra precaution at making sure nothing else is out of date. Another reminder to never let your system go too long without updates. Especially, with all of the chaos afflicting the digital world these days.
