Security updates: BIOS gaps jeopardize Dell computers
Among other things, certain computers from Dell's Alienware series are vulnerable. Security patches are available for download.
Due to two security vulnerabilities in the AMI UEFI BIOS Aptio V, attackers can attack various Dell PC models and, in the worst case, compromise systems via malicious code. Security updates, however, have been available for some time.
Close security gaps
According to a recently published warning from the computer manufacturer, some repaired BIOS versions have been available since May of this year. Various Alienware, Inspiron and XPS models are at risk. The specific models and security patches are listed in the warning message.
An AMI article mentions two security vulnerabilities (CVE-2024-33656"high", CVE-2024-3367"high"). If attackers successfully exploit the vulnerabilities, they should be able to bypass security mechanisms or even push malicious code onto systems and execute it. It is currently not known what attacks could look like. However, attacks are not possible without further ado: in one case, attackers must be authenticated and in the other, they need local access to vulnerable computers.
(des)