Skip to main content
  1. Home
  2. Computing
  3. News

Your Dell laptop might have a security vulnerability. Here’s how to fix it.

By

After a security research firm discovered a security vulnerability that could give hackers access to your laptop, Dell is taking action with a fix. Impacting hundreds of millions of laptops across more than 380 models (including XPS, and Alienware) released since 2009, there are now more ways than one for you to address the urgent issue.

At the heart of this problem is a driver that Dell’s laptops use to handle firmware updates. According to a Dell support page, this driver comes packaged with Dell Client firmware update utility packages and software tools, and a vulnerability within it can “lead to escalation of privileges, denial of service, or information disclosure.”

Recommended Videos

The support page lists all impacted laptop models, including the XPS 13, XPS 15, and other Alienware laptops. You can search through the list of models to see if your laptop is impacted, but keep in mind, the majority of the laptops impacted are ones that are considered out of service by Dell. Dell and security researchers also believe that the vulnerability was not exploited.

Related: 
Best new movies to stream on Netflix, Hulu, Prime Video, Max (HBO), and more

If your laptop is impacted, there are two steps for you to fix it. First, you must manually remove the driver using this Dell tool. After that, you can update your laptop’s firmware, update Dell Command Update, Dell Update, or Alienware Update, or install the latest version of Dell System Inventory Agent or Dell Platform Tags. Updating the firmware will prevent the driver from becoming reintroduced into the system, according to Dell.

If you never updated your Dell laptop through Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent, or Dell Platform Tags, then you’re likely not impacted by this issue. Dell says Windows Update does not install the affected dbutil_2_3.sys driver.

It’s important to note that someone would have needed physical or remote access to your laptop first to take advantage of this vulnerability. The driver also only gets installed with firmware updates and is not pre-installed. Dell even says it has remediated this for all new PCs shipping from the factory, except for systems shipping with Dell Command Update, Dell Update, or Alienware Update which might be automatically updated at first run.

Arif Bacchus
Arif Bacchus
Former Computing Writer
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…
Topics

Editors’ Recommendations

Big tech is dominating my digital life — here’s how I fixed it
big tech logos around capitol hill

Big tech companies are so dominant and so far-reaching right now that people could probably live their entire digital lives interacting only with Google, Apple, Meta, Microsoft, and Amazon products. Things never got quite that bad for me but I did realize recently that I've been relying far too much on Google, plus I’ve been using Safari for years even though I don’t actually like it that much.

So I decided to find some new apps to try out and came across a nice resource full of European, open-source, or non-profit alternatives for a range of different services. It introduced me to quite a few apps that are more than good enough to replace what I was using, and although I’m not hardcore enough to completely kick Google out of my life, I’m pretty happy with the results.
What’s so bad about big tech?

Read more
Your Netgear router might be an open door for hackers
The Netgear Nighthawk XR1000v2 router placed on a desk next to its packaging box

Netgear has released a security advisory addressing two critical vulnerabilities affecting Nighthawk Pro Gaming routers and certain Wi-Fi 6 access points. The company strongly recommends that users update their devices' firmware promptly to mitigate potential risks.

The first vulnerability, identified as PSV-2023-0039, is a Remote Code Execution (RCE) flaw. This security issue allows attackers to execute arbitrary code on affected devices remotely, potentially leading to unauthorized control over the router. The second vulnerability, PSV-2021-0017, is an authentication bypass flaw, which enables attackers to circumvent authentication mechanisms and gain unauthorized access to the device's management interface.

Read more
iPhone 7 owners are getting $200 in class action lawsuit, and here’s how you can track yours
iPhone 7 and iPhone 7 Plus.

Settlement payout from the iPhone 7 class action lawsuit against Apple are starting to roll out. Those who participated in the class action lawsuit have started to receive payments, with amounts varying based on whether you spent any money on repairing the iPhone 7 or the iPhone 7 Plus.

Some of the co-applicants in the lawsuit have started to receive around $200 as part payment from the $35 million settlement, 9to5Mac reported. While the payout is less than the maximum of $350 initially approved by the court, it should still feel satisfactory to the appellants.

Read more