New Delhi: Do you own a Dell laptop or a personal computer? If yes, then there are great chances that your device has a major security flaw in its firmware updating and operating recovery software, BIOSConnect. But you’re probably not alone as the flaw reportedly has exposed around three million laptops and PCs with Dell’s preinstalled software. According to a media report by BleepingComputer, security firm Eclypsium’s researchers were the first to find a flaw in Dell’s BIOSConnect.
For those uninitiated, BIOSConnect is used to update a laptop and PC’s firmware. However, the flaw in Dell’s BIOSConnect reportedly gave access to attackers to remotely execute any malicious code on a laptop or a desktop.
Researchers find a total of four separate vulnerabilities. Besides the flaw in the BIOS, there were three other different bugs classified as overflow vulnerabilities. All of them are rated as severe security threats by the researchers.
The BIO flaw, however, is so severe that it could enable attackers to reportedly control the device’s boot process. It could also have provided them access to higher-layer security controls, using which attackers could have gained access to “over the most privileged code on the device.” Also Read: Instagram to let users post from desktop with THIS feature
Overall, 129 different models of Dell PC and laptop were at risk of an attack due to these flaws. But the good news is that Dell has released several updates in the last few weeks to protect its customers from any attacks related to the flaws which were reported to the company by Eclypsium in March 2021.
The two server-related flaws were fixed by Dell itself. However, for the other two, customers need to update the BIOS/UEFI on their device. You can find the updates on Dell’s official site. Also Read: Ravi Shankar Prasad’s Twitter handle blocked, restored an hour later, here’s what happened