Product Security Alert:
Secure Your Dell Laptops and Desktops Now

May 6, 2021

Issue/Vulnerability

Scope

A driver (dbutil_2_3.sys) packaged with Dell Client firmware update utility packages and software tools contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is first required before this vulnerability can be exploited. Dell is not aware of this vulnerability having been exploited by malicious actors to date.

Who is affected?

Users who:

• Are using a Dell laptop or desktop running on Windows
• have applied a BIOS, Thunderbolt, TPM, or dock firmware update to your system; or
• currently or have previously used Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent or Dell Platform Tags

Remediation/Action Plan

Dell recommends downloading and running the Dell Security Advisory Update – DSA-2021-088 utility. Please see the FAQ for more details and additional information.