How to fix a security flaw in firmware of Dell Windows PCs regarding "DSA-2021-088"

How to fix a security flaw in firmware of Dell Windows PCs, dating back to 2009: Security Advisory Update – DSA-2021-088

Users of Dell Windows PCs, models going back to 2009, need to remove the vulnerable driver from the system and upgrade firmware immediately.

Dell has already pushed an update utility to detect and uninstall the "dbutil_2_3.sys" driver which contains an insufficient access control vulnerability. This issue may lead to escalation of privileges, denial of service, or information disclosure, Dell says.

Here's How to fix it.

• Step 1: Remove the vulnerable "dbutil_2_3.sys" driver.
• Step 2: Obtain and run a remediated firmware update to prevent reintroduction of a vulnerable driver.

For the details:

• Step 1: To remove the vulnerable driver, Dell highly recommends downloading and running the Security Advisory Update – DSA-2021-088 utility. Otherwise, you can remove the file manually. Also, Dell plans to push the utility via notification solutions like "Dell Update" by May 10, 2021.
• Step 2: To prevent reintroduction of a vulnerable dbutil driver, download and apply the latest available firmware update utility like Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent, or Dell Platform Tags. 

Visit the Dell's website for more information and to see which models are applicable.

I wrote an article in Japanese on this subject