[HN Gopher] Dell patches 12-year-old driver vulnerability impact...
___________________________________________________________________

Dell patches 12-year-old driver vulnerability impacting millions of PCs

Author : giuliomagnifico
Score  : 114 points
Date   : 2021-05-04 15:10 UTC (7 hours ago)

(HTM) web link (labs.sentinelone.com)
(TXT) w3m dump (labs.sentinelone.com)

| 45ure wrote:
| I read this CVE with some interest, to see if it provides a
| solution to a frustrating problem, involving a Latitude 5300
| (2-in-1). The problem: once the device is fully charged and
| subsequently shut down, it rapidly drains the battery to around
| 80% within a few hours - at which point it retains the remaining
| charge. The problem is less pronounced, when it is put into sleep
| mode.
|
| I have been through numerous suggestions and permutations; 'hard'
| shutdown by holding the power button for varying durations, BIOS
| updates, OS updates (W10 latest build/version/updates/drivers),
| manufacturer specific driver updates, fresh rebuilds, tweaking
| power, wake, idle, throttle settings for CPU, network adapters (via
| BIOS and OS), date/time anomalies, turning off
| Modern/Connected-Standby, Registry hacks etc. Furthermore, I have
| contemplated using Wireshark and other tools to diagnose the
| problem, but that would require a significant chunk of my time
| troubleshooting a device, which I expect to work, out of the box.
| I resent the fact, that no explanation or a solution is
| forthcoming from Dell, which is a matter of concern.
|
| The post below describes my conundrum, fairly accurately.
|
| https://www.dell.com/community/Latitude/Latitude-7400-batter...

| anonymousiam wrote:
| I have always used the DOS/FreeDOS method to update my Dell
| firmware. Seems silly to let an insecure OS such as Windows have
| write access to the BIOS. It would provide an easy path to the
| holy grail of malware persistence.

| secondcoming wrote:
| Every time I've updated the BIOS on my Dell laptop it's been
| done on the next boot, before Windows starts.

| orev wrote:
| The update process that runs in the OS would need to use the
| driver at issue here to write the new firmware into flash at
| some staging location. After that is done, then you reboot,
| and the chips see there's a staged update and apply it.

| dr-detroit wrote:
| Imagine working at a company.

| naikrovek wrote:
| I find it crazy that you think DOS is secure when compared to
| Windows. Or anything else, really.

| vetinari wrote:
| Neither FreeDOS nor Windows has direct write access to the
| BIOS. They use the UEFI capsule mechanism (i.e. let UEFI update
| itself on the next reboot).

| darig wrote:
| Dude!

| lgats wrote:
| https://cve.report/CVE-2021-21551

| excalibur wrote:
| > This bug is nothing out of the ordinary.
|
| In summation

| dang wrote:
| We've changed the URL from
| https://therecord.media/dell-patches-12-year-old-driver-vuln...,
| which points to this.
|
| From the guidelines: "_Please submit the original source. If a
| post reports on something found on another site, submit the
| latter._"
|
| https://news.ycombinator.com/newsguidelines.html

| giuliomagnifico wrote:
| Okay thanks!

| anonymousiam wrote:
| Seems to be an optional package. It's not on any of my Dell
| hardware. Not the sort of thing a security-conscious person would
| willingly install anyway.

| martey wrote:
| From the security company's report at
| https://labs.sentinelone.com/cve-2021-21551-hundreds-of-mill...
| :
|
| > _The firmware update driver component, which is responsible
| for Dell Firmware Updates via the Dell Bios Utility, comes
| pre-installed on most Dell machines running Windows and freshly
| installed Windows machines that have been updated._
|
| Dell's security advisory page
| (https://www.dell.com/support/kbdoc/en-us/000186019/dsa-2021-...)
| suggests that it would be installed if you installed any of a
| number of their update programs:
|
| > _This driver file may have been installed on your Dell
| Windows operating system when you used firmware update utility
| packages, Dell Command Update, Dell Update, Alienware Update,
| Dell System Inventory Agent, or Dell Platform Tags, including
| when using any Dell notification solution to update drivers,
| BIOS, or firmware for your system._

| dang wrote:
| Ok, we've changed the URL at the top to that one, from
| https://therecord.media/dell-patches-12-year-old-driver-vuln...,
| which points to it. Thanks!

| greenyoda wrote:
| The "Process Hacker" tool that this article refers to seems
| quite useful. It can be found here:
| https://processhacker.sourceforge.io (free GPL software)

| annoyingnoob wrote:
| When you manage a number of Dell computers, the Dell Update
| package is helpful. Dell Update will alert you when there are
| updates available. Not so different than Windows Update.
| Keeping up to date with drivers and firmware is a
| security-conscious thing to do.
|
| I don't use any of the other Dell software/packages but I find
| Update helpful.

| DeusExMachina wrote:
| It's not clear from the article, but my reading is that while the
| bug was introduced 12 years ago, it was discovered and fixed only
| now.
|
| Which is different from knowing about it but ignoring it for 12
| years.

| antibuddy wrote:
| I'd infer from the CVE naming (CVE-2021-21551) that it was
| discovered this year.

___________________________________________________________________
(page generated 2021-05-04 23:00 UTC)