Because of the vulnerability, threat actors could mount man-in-the-middle attacks that lead to remote code execution in the BIOS. The problem was found by Eclypsium researchers, who said the flaw affects 129 Dell laptop models. “Such an attack would enable adversaries to control the device’s boot process and subvert the operating system and higher-layer security controls,” the security research company explains.

Those 129 models account for around 30 million units worldwide, spanning Dell’s consumer and enterprise customers. In other words, the potential for this bug to cause a lot of problems is obvious. There is little users can do, because the BIOSConnect feature that houses the vulnerability is preloaded on all Dell laptops as part of the company’s SupportAssist. On Dell laptops running Microsoft Windows, the BIOS maintains a TLS connection to Dell’s servers so that SupportAssist can recover the operating system and update firmware.
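The man-in-the-middle attack described above works only if the TLS client in the firmware accepts whatever certificate the other end of the connection presents. The article does not say exactly what made Dell’s connection insecure, so the following Go program is an added, generic illustration of that class of weakness and is not Dell’s, Eclypsium’s or the article’s code. It stands up a local HTTPS server with a self-signed certificate as a stand-in for a vendor update endpoint (all names and the served manifest are constructed), then compares three clients: one that skips certificate verification (the weak configuration), one that trusts exactly the expected certificate, and one that trusts only an unrelated certificate and therefore must refuse the connection.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"io"
	"math/big"
	"net/http"
	"net/http/httptest"
	"time"
)

// newUpdateServer stands in for a vendor update endpoint: an HTTPS server
// with a self-signed certificate that serves a constructed manifest string.
func newUpdateServer() *httptest.Server {
	return httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		io.WriteString(w, "manifest-v1 (constructed sample)")
	}))
}

// insecureClient mirrors the weak configuration: the channel is encrypted,
// but the server certificate is never checked, so any interposed endpoint
// that speaks TLS is accepted as if it were the vendor.
func insecureClient() *http.Client {
	return &http.Client{Transport: &http.Transport{
		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
	}}
}

// verifyingClient trusts only the given certificates as roots. Hostname
// checking stays on because InsecureSkipVerify is left at its default (false).
func verifyingClient(trusted ...*x509.Certificate) *http.Client {
	pool := x509.NewCertPool()
	for _, c := range trusted {
		pool.AddCert(c)
	}
	return &http.Client{Transport: &http.Transport{
		TLSClientConfig: &tls.Config{RootCAs: pool, MinVersion: tls.VersionTLS12},
	}}
}

// fetch returns the response body, or an error if the TLS handshake
// (including certificate verification) or the HTTP request failed.
func fetch(c *http.Client, url string) (string, error) {
	resp, err := c.Get(url)
	if err != nil {
		return "", err
	}
	defer resp.Body.Close()
	body, err := io.ReadAll(resp.Body)
	if err != nil {
		return "", err
	}
	return string(body), nil
}

// selfSignedCert builds a throwaway self-signed CA certificate that has no
// relation to the server: a stand-in for "a certificate the client was not
// expecting". Errors are fatal because this is constructed test material.
func selfSignedCert(commonName string) *x509.Certificate {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: commonName},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		KeyUsage:              x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
		BasicConstraintsValid: true,
		IsCA:                  true,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		panic(err)
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return cert
}

// Outcome records whether each client was willing to talk to the server.
type Outcome struct {
	InsecureAccepted   bool // no verification: accepts anything, including an interposer
	PinnedAccepted     bool // trusts the expected certificate: accepts the real endpoint
	UnexpectedAccepted bool // trusts a different certificate: must be false
}

// RunScenario runs all three clients against the same local server.
func RunScenario() Outcome {
	srv := newUpdateServer()
	defer srv.Close()
	_, errInsecure := fetch(insecureClient(), srv.URL)
	_, errPinned := fetch(verifyingClient(srv.Certificate()), srv.URL)
	_, errWrong := fetch(verifyingClient(selfSignedCert("unrelated-ca")), srv.URL)
	return Outcome{
		InsecureAccepted:   errInsecure == nil,
		PinnedAccepted:     errPinned == nil,
		UnexpectedAccepted: errWrong == nil,
	}
}

func main() {
	o := RunScenario()
	fmt.Printf("no verification accepted server:      %v\n", o.InsecureAccepted)
	fmt.Printf("trusting expected cert accepted:      %v\n", o.PinnedAccepted)
	fmt.Printf("trusting unrelated cert accepted:     %v\n", o.UnexpectedAccepted)
}
```

The first line of output is the point: a client built with `InsecureSkipVerify` reports success against any certificate, which is exactly the property an interposer needs. The third line shows the verifying client doing its job, failing with an unknown-authority error when the presented certificate is not one it trusts. A firmware TLS stack that cannot reproduce that third result is the kind of client the Eclypsium report describes, and the only user-side remedy is the vendor’s fix.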
Patch
However, this connection is insecure and was found to contain three vulnerabilities. Attackers who exploited the flaw would gain access to the system and be able to change any software on the laptop. Two of the vulnerabilities “affect the OS recovery process, while the other affects the firmware update process,” Eclypsium points out. “All three vulnerabilities are independent, and each one could lead to arbitrary code execution in BIOS.”

In response to the report, Dell this week rolled out a fix for what it calls a “High Impact” vulnerability. On its support page, Dell says the following: “DSA-2021-106: Dell Client Platform Security Update for Multiple Vulnerabilities in the BIOSConnect and HTTPS Boot features as part of the Dell Client BIOS. Summary: Dell is releasing remediations for multiple security vulnerabilities affecting the BIOSConnect and HTTPS Boot features.” Of course, if you have a Dell laptop, you should install this patch as soon as possible.

Tip of the day: To prevent attackers from capturing your password, Secure Sign-in asks the user to perform a physical action that activates the sign-in screen. In some cases this is a dedicated “Windows Security” button, but the most common case in Windows 10 is the Ctrl+Alt+Del hotkey. In our tutorial, we show you how to activate this feature.