Security researchers have discovered that Dell has been pushing a firmware update for the last 12 years that contains “five high severity flaws.” Experts at SentinelLABS say those flaws impact hundreds of millions of Dell desktops, laptops, notebooks, and tablets.
Although the vulnerabilities could allow hackers to exploit Dell computers and do further damage, SentinelLABS says it has not discovered evidence of any “in-the-wild abuse.”
As for owners of non-Dell computers, there’s good news: this specific vulnerability affects only Dell-specific systems.
Dell steps up to fix the issue
Even though SentinelLABS hasn’t uncovered any widespread abuse, Dell isn’t taking any chances. Just to make sure nothing goes wrong, the company has sent a security update to its customers to address the exposure. It recommends that every Dell computer owner apply the patch as soon as possible.
Dell warns owners that a hacker could use phishing techniques to gain access to their computer if it is left unpatched. “To help protect yourself from malicious actors, never agree to give remote control to your computer to any unsolicited contact (such as from an email or phone call) to fix an issue,” the company advises.
SentinelLabs also says customers should not waste time installing the patch. “It is inevitable that attackers will seek out those that do not take the appropriate action. Our reason for publishing this research is to not only help our customers but also the community to understand the risk and to take action,” said SentinelLABS’ Kasif Dekel.