Your IT team has an opportunity to patch a security weakness in your Dell computers. If you make it possible for them to act now, you will probably be one step ahead of attackers.
The good news is that Dell has not detected any attacks in the wild. However, bad actors now have a new challenge, a puzzle to solve, a game with payoffs for them and potential tragedy for their targets. Dell urges companies to install the update immediately.
Executives decide whether to accept the risk or provide teams with time to implement the two-step solution from Dell.
To exploit the security weakness, bad actors might successfully social engineer at least one user into clicking a malicious link, opening an infected attachment, or granting access to someone pretending to be a technical support professional.
Alternatively, the attacker can steal or guess the user’s password. For example, we are auditing a business right now and discovered the following passwords: Password, Password!, Password1, and Password123. Users choosing those passwords is NOT the IT professional’s fault.
Please forward this to your associates so they know that Dell is urging all affected customers to address this problem immediately.
Time is your team’s most precious asset, and this fix takes time. Discuss ways they can postpone other projects to address the problem before attackers start exploiting the vulnerability to potentially:
- Shut down systems
- Spread ransomware
- Threaten to expose stolen data
- Delete your data stored in the cloud or on your servers
- Or otherwise devastate organizations
Dell recommends acting immediately: dell.com/support/kbdoc/en-us/000186019/dsa-2021-088-dell-client-platform-security-update-for-dell-driver-insufficient-access-control-vulnerability
During the recent Pwn2Own competition, a team demonstrated exploiting Exchange servers. With the new knowledge, attackers infiltrated servers before IT professionals could apply patches. The Dell vulnerability could have the same outcome. Keep in mind that there are vastly more Dell computers in businesses than there are on-prem Exchange servers.
Interestingly, the vulnerability only exists if the IT team is applying Dell’s patches and updates. However, if your team is not using Dell’s other security updates, that is a problem too. They might not have enough time, and they need your understanding when they have to reprioritize their tasks, get additional help, or automate some processes they must do manually.