Dell has released a security patch that fixes a security vulnerability that affects many Dell computers, going back to 2009, along with instructions on how to install it if your computer is affected (via threat). The vulnerability, discovered by security research firm SentinelLabs, is present in a driver used by Dell and Alienware firmware update utilities and allows an attacker to obtain full kernel-level permissions on Windows.
If you have a Dell computer, it is likely to be vulnerable – the list of affected computers on the Dell website contains over 380 models, including some of the latest XPS 1
Both Dell and SentinelLabs say they have seen no evidence of the vulnerability used by hackers, despite the fact that it has existed for so long. Dell Frequently Asked Questions indicate that someone must have access to your computer in some way to take advantage of an error that could occur through malware, phishing, or remote access privileges.
It is also worth noting that according to Dell, the vulnerable driver is not preloaded on systems – instead, it is installed when the user updates the firmware on their computer.
However, even if you don’t remember doing something like this, you should probably add the Dell Utility or Alienware Update and install everything available on your to-do list today.