There are 129 Dell computers that have a vulnerability in the BIOS (Basic Input Output System).
The quick summary: you need to update your Dell BIOS manually. If you do not feel comfortable doing it or do not want to do it, you can text or call me at (864)494-6089 or email me at robert@roberts-computer.com
The BIOS is essentially software embedded in the system. It is the first thing that runs on the computer after power-on, and it is what is behind the computer logo.
The problem is that it's still just software. Dell has a product called BIOSConnect that allows a computer, from within the BIOS, to phone home to Dell for support purposes, so it can update the firmware on the system. If you've lost your operating system and you can't get it to boot, or something is missing, you can still get the machine to connect to the Dell servers from the BIOS, because the BIOS is always going to be there.
The first vulnerability that Eclypsium found is a problem with TLS certificates. TLS is Transport Layer Security. It's how the internet works. But this software is written in C, which is a very low-level language, so getting the TLS handshake correct is important, and Dell didn't do that here. If a privileged attacker is on the network and can intercept, for example, a DNS call out to the Google DNS server at 8.8.8.8, they can intercept the communication.
They can then impersonate Dell and hand back any readily available, freely available TLS certificate, and the software in the BIOS will accept it and say, OK, you're Dell. Just about any certificate at all will do, as long as it's not self-signed. It has to be from a certificate authority, but those certificates are not hard to come by. So if the malicious actor is on the network, they can intercept the traffic and feed back a bogus certificate, and the service on that computer will then trust the attacker. The attacker can then exploit one of three buffer overflow vulnerabilities that were also found in the software, which allows arbitrary code execution. There's even one that allows arbitrary code execution in the BIOS, so they could completely replace the BIOS of your machine.
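To show the missing step, here is a small added example (not Dell's code, and not from the original research) that models a client accepting any CA-issued certificate next to one that also checks the name on the certificate. The certificate fields, the CA name and the host `updates.vendor.example` are constructed placeholders.

```python
from dataclasses import dataclass

# Constructed model for illustration: a real client parses X.509 and verifies
# signatures; here a certificate is reduced to the fields the check depends on.
@dataclass(frozen=True)
class Cert:
    dns_names: tuple      # subjectAltName DNS entries
    issuer: str           # name of the issuing CA
    self_signed: bool = False

# Hypothetical trust store of public CAs (the name is made up).
TRUSTED_CAS = {"Example Public CA"}

def chain_ok(cert: Cert) -> bool:
    """Issued by a CA in the trust store and not self-signed."""
    return not cert.self_signed and cert.issuer in TRUSTED_CAS

def name_matches(pattern: str, host: str) -> bool:
    """RFC 6125 style match: a wildcard may only be the whole leftmost label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        # Require at least two fixed labels so "*.com" never matches.
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h

def weak_accept(cert: Cert, host: str) -> bool:
    """The behaviour described above: any CA-issued certificate is accepted."""
    return chain_ok(cert)

def strict_accept(cert: Cert, host: str) -> bool:
    """Chain check plus the missing step: the cert must name the host we dialled."""
    return chain_ok(cert) and any(name_matches(n, host) for n in cert.dns_names)

UPDATE_HOST = "updates.vendor.example"   # placeholder, not Dell's real hostname
genuine = Cert(("*.vendor.example",), "Example Public CA")
other_site = Cert(("someone-else.example",), "Example Public CA")  # valid, wrong name
homemade = Cert((UPDATE_HOST,), "homemade", self_signed=True)

def results():
    """Map each sample cert to (weak_accept, strict_accept) for UPDATE_HOST."""
    certs = {"genuine": genuine, "other_site": other_site, "homemade": homemade}
    return {k: (weak_accept(c, UPDATE_HOST), strict_accept(c, UPDATE_HOST))
            for k, c in certs.items()}

if __name__ == "__main__":
    for name, (weak, strict) in results().items():
        print(f"{name:10s} weak={weak} strict={strict}")
```

The certificate issued for a different site passes the weak check and fails the strict one, which is the gap that lets someone on the network pose as the update server.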
The end result could be replacing the motherboard.
Dell does have a fix for this problem. However, you should have this done ASAP, by August, when all of the details will be out in the wild. DO NOT DO IT VIA THE UPDATE TOOL, because you cannot trust the tool. When you or someone else does the update, do it manually.
You can go to dell.com and download the patches.
If you like, you can text or call me at (864)494-6089 or email me at robert@roberts-computer.com