This type of vulnerability is not considered critical because an attacker exploiting it needs to have compromised the computer beforehand

If your system is already secure from external threats you need not worry.
Wait until Dell release an updated driver.

cheers, Paul

Dell has a fix :

Summary: Dell released an update utility to mitigate a security vulnerability affecting the dbutil_2_3.sys driver packaged with Dell Client firmware update utility packages and tools.

“Remediation Steps:

Impacted customers must complete 2 steps as follows:
Immediately remove the vulnerable dbutil_2_3.sys driver from the affected system using one of the following options from Step 1 below: download and run a utility to remove the driver from the system (Option 1), manually remove the driver from the system (Option 2), or on or after May 10, 2021, utilize one of the Dell notification solutions to run the utility (Option 3).
As described in Step 2 below, obtain and run the latest firmware update utility package(s), Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent, or Dell Platform Tags as applicable….

Hi Microfix:

Thanks for the heads up.

I have a Dell Inspiron 15 5584 with the latest 5583/5584 BIOS v1.12.0 (installed 01-Feb-2021), which is listed as an affected system in Table A of DSA-2021-088: Dell Client Platform Security Update for an Insufficient Access Control Vulnerability in the Dell dbutil Driver, but I can’t find this dbutil_2_3.sys file in either C:\Windows\Temp or the hidden C:\Users\<myusername>\AppData\Local\Temp.  I don’t know if that’s because this driver file was never created on my system or if it was removed when I recently cleaned all my temp folders with CCleaner (which clears both those temp folders).
———-
Dell Inspiron 15 5584 * 64-bit Win 10 Pro v20H2 build 19042.928 * Dell BIOS v1.12.0 * Dell SupportAssist v3.8.1.23 * Dell Update v4.1.0 * CCleaner Free Portable 5.79.8704

I have a Dell Inspiron 15 5593 laptop which is on the list of affected systems in Table A.

When I ran the Dell utility recommended in Step 1 Option 1 it reported that the dbutil 2.3 driver was not found on my laptop.

So just because your Dell PC is listed in Table A it doesn’t always mean that your system has the dodgy driver (also see Imacri’s post above).

Hey Y’all,

Here’s a little PS utility that will do the work for you.

Function Remove-ProblemFile {

  Param (
    [Parameter(Mandatory=$True)]
    [AllowNull()]
    [Object] $BadFile
  )

  If ($Null -ne $BadFile) {
    Try {
           Remove-Item -Path $($BadFile.FullName) -Force
           "$($BadFile.FullName) removed successfully"
           $Script:FileCnt += 1
    }
    Catch {
           "$($BadFile.FullName) removal unsuccessful"
    }
  }

} #End Function Remove_ProblemFile

Clear-Host

$FName   = "dbutil_2_3.sys"
$FileCnt = 0

$GCIArgs = @{Path = "C:\Users\$($env:USERNAME)\AppData\Local\Temp"
             File = $True
             Filter = $FName}

Remove-ProblemFile -BadFile (Get-ChildItem @GCIArgs)

$GCIArgs.Path = "C:\Windows\Temp"

Remove-ProblemFile -BadFile (Get-ChildItem @GCIArgs)

"$FileCnt file(s) removed."

HTH 😎

My Dell XPS 8930 (3.5 years old) is NOT affected because I don’t have that driver because I never update BIOS unless absolutely necessary and, generally, it is NOT necessary during the life of a computer.

A lot of home users do not have a UPS and, unless you do, should NEVER update BIOS. It’s way too risky without any power supply backup if needed.

My Dell is on the list but I won’t be flashing the BIOS (even though my Dell is connected to my UPS).

Hi Microfix:

Dell SupportAssist v3.9.0 delivered an update today (08-May-2021) for “Dell Security Advisory Update – DSA-2021-088” so I assume I’m patched now for the DBUtil driver vulnerability described in DSA-2021-088: Dell Client Platform Security Update for an Insufficient Access Control Vulnerability in the Dell dbutil Driver.
———-
Dell Inspiron 15 5584 * 64-bit Win 10 Pro v20H2 build 19042.928 * Dell BIOS v1.12.0 * Dell SupportAssist v3.9.0.234 * Dell Update v4.1.0

Looks like Dell and Eclypsium are equally unperturbed:

“To exploit the vulnerability chain in BIOSConnect, a malicious actor must separately perform additional steps before a successful exploit, including: compromise a user’s network, obtain a certificate that is trusted by one of the Dell UEFI BIOS https stack’s built-in Certificate Authorities, and wait for a user who is physically present at the system to use the BIOSConnect feature,” sniffed an unimpressed Dell.

Eclypsium agreed, saying: “An attack scenario would require an attacker to be able to redirect the victim’s traffic, such as via a Machine-in-the-Middle (MITM) attack.”

If you don’t fancy upgrading SecureAssist, an effective mitigation is simply to delete the utility, according to Dell.

https://www.theregister.com/2021/06/25/dell_secureassist_biosconnect_vulns_rce/

—

Seems like “Cold Kale het agin’. “

Just a heads up that I ran a check for updates today with Dell Update v4.3.0 and I’m being offered a new DBUtil Removal Utility v2.5.0 (rel. 03-Aug-2021). I originally thought I was being re-offered the DBUtil Removal Tool v1.x I ran in May 2021 for DSA-2021-088 but it looks like there’s been a new bug found  in the DBUtilDrv2.sys driver.  See the DSA-2021-152: Dell Client Platform Security Update for an Insufficient Access Control Vulnerability in the Dell DBUtilDrv2.sys Driver (last revised 06-Aug-2021; my Inspiron 5584 is listed in Table 1 as an affected product) as well as the “Additional Information” FAQ <here> that has more information about the vulnerability in versions 2.5 and 2.6 of the DBUtilDrv2.sys driver (CVE-2021-36276).

The attached images are from the support page <here>  for my Inspiron 5584 and my Dell Update v4.3.0 update check of 08-Aug-2021.

—–———
Dell Inspiron 15 5584 * 64-bit Win 10 Pro v20H2 build 19042.1110 * Dell 5583/5584 BIOS v1.14.1 * Dell SupportAssist v3.10.1.23 * Dell Update for Windows 10 v4.3.0