May 6, 2021
Critical Vulnerability on Dell Laptops and Desktops running on Windows may lead to escalation of privileges, denial of service, or information disclosure
A driver (dbutil_2_3.sys) packaged with Dell Client firmware update utility packages and software tools contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is first required before this vulnerability can be exploited. Dell is not aware of this vulnerability having been exploited by malicious actors to date.
Dell recommends downloading and running the Dell Security Advisory Update – DSA-2021-088 utility. Please see the FAQ for more details and additional information.