by Dave Moore, CISSP, 05/09/2021
Don’t you just love it when you discover there’s something wrong with your stuff, and you’d better fix it now, or else? Ain’t nobody got time for that, right?
Welcome to the reality of modern day computing. The electronic computing devices we use every day are, in fact, cheap mass-produced highly flawed consumer-grade experiments in functionality, connected to billions of similar devices using another imperfect technology called the Internet.
Most of the time, it works fine, but, as we all know, sometimes it just doesn’t. Duct tape, baling wire and chewing gum (also known as “updates”) are sometimes required to put things back in working order, but it’s never a simple, one-time fix. There are always updates coming out for our devices, and there always will be. The need for updates will never stop.
When things go wrong with our computing devices, it usually due to one of two different causes: hardware, or software. Nuts, bolts, plastic, metal, wires, circuit boards, keyboards and screens, all cobbled together to make a physical device; that’s hardware.
Sometimes, hardware updates are needed. Batteries develop problems, wires break, keyboards wear out. Sometimes, hardware failures are easy to update; sometimes, they turn our stuff into useless junk.
Software updates fix flaws in the computer code that makes our devices so amazing. Sadly, the dirty little industry secret device manufacturers like Apple, Samsung and Dell don’t want widely discussed is that flawless computer programming code (like operating systems, programs, apps, etc.) is virtually impossible to produce. That’s why so many software updates are showing up all the time. We need to get them if we expect our charmed electronic lives to continue.
Such is the case this week with Dell computers. A “Red Alert-class” dangerous flaw has been discovered in the software that millions of Dell devices use to (ironically enough) update themselves. The program that fixes software flaws has a software flaw, itself, and needs to be fixed. According to Dell, “hundreds of millions” of PCs made from 2009 to the present are affected.
The software in question includes system management programs and apps like Dell Command Update, Dell Update, and Alienware (Dell’s line of gaming PCs) Update. These programs are designed to update “firmware,” such as drivers for graphics, network adapters, motherboard chipsets and the system BIOS.
This is not the same as Windows Update software. This problem only applies to software from Dell, designed to update certain things that are specific to Dell computers.
Most people will never deal with things like this, but guys like me do all the time. You may have run a Dell system management app in the past and not really known what was occurring, because, when you buy a new Dell computer, running Dell Update is the first thing you’re supposed to do.
So, OK, Dell owners, here’s the deal: you need to go to a page on the Dell website. Download an “Update package” file, double-click the file to install the downloaded package, and the Dell file that has the security flaw will be removed from your computer. Easy enough, right? If you need a refresher course on how to download and install files, refer to my April 8, 2021 column titled, “Downloading not the same as installing,” on the Norman Transcript website, and on my website at davemoorecomputers.com.
And now, the messy details. The website address is dell.com/support/home/ro-ro/drivers/driversdetails?driverid=7PR57 (starts with dell and ends with 7). Make sure you get it all. Scroll down the page and click the blue “Download” button. The name of the file you will download is Dell-Security-Advisory-Update-DSA-2021-088_7PR57_WIN_1.0.0_A00.EXE. Run the file and install the tool. When prompted, press “y” on your keyboard to scan your computer. The name of the file that the download will search for and remove is dbutil_2_3.sys.
Not every Dell computer will contain the offending file; you won’t know until you check. Should you decide you want to use the Dell updating software in the future, Dell says they will have complete updated versions of their updating software available at the end of July. The Windows 10 versions are available now. Happy updating!
Dave Moore, CISSP, has been fixing computers in Oklahoma since 1984. Founder of the non-profit Internet Safety Group Ltd., he also teaches Internet safety community training workshops. He can be reached at 405-919-9901 or internetsafetygroup.org