After a security research firm discovered a security vulnerability that could give hackers access to your laptop, Dell is taking action with a fix. Impacting hundreds of millions of laptops across more than 380 models (including XPS, and Alienware) released since 2009, there are now more ways than one for you to address the urgent issue.
At the heart of this problem is a driver that Dell’s laptops use to handle firmware updates. According to a Dell support page, this driver comes packaged with Dell Client firmware update utility packages and software tools, and a vulnerability within it can “lead to escalation of privileges, denial of service, or information disclosure.”
The support page lists all impacted laptop models, including the XPS 13, XPS 15, and other Alienware laptops. You can search through the list of models to see if your laptop is impacted, but keep in mind, the majority of the laptops impacted are ones that are considered out of service by Dell. Dell and security researchers also believe that the vulnerability was not exploited.
If your laptop is impacted, there are two steps for you to fix it. First, you must manually remove the driver using this Dell tool. After that, you can update your laptop’s firmware, update Dell Command Update, Dell Update, or Alienware Update, or install the latest version of Dell System Inventory Agent or Dell Platform Tags. Updating the firmware will prevent the driver from becoming reintroduced into the system, according to Dell.
If you never updated your Dell laptop through Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent, or Dell Platform Tags, then you’re likely not impacted by this issue. Dell says Windows Update does not install the affected dbutil_2_3.sys driver.
It’s important to note that someone would have needed physical or remote access to your laptop first to take advantage of this vulnerability. The driver also only gets installed with firmware updates and is not pre-installed. Dell even says it has remediated this for all new PCs shipping from the factory, except for systems shipping with Dell Command Update, Dell Update, or Alienware Update which might be automatically updated at first run.