Subject – Mines-Faculty: IMPORTANT — Critical Vulnerability in Dell Computers Announced
Date – May 6, 2021 at 2:15 pm
Dear Mines Community,
Dell recently announced a critical vulnerability that could allow an attacker to take over your computer. For your own information safety and for the protection of the Mines network, ITS is strongly encouraging Dell laptop and Dell desktop owners to take the below remediation steps immediately. If your device were to be compromised, connecting to the Mines network could pose a huge risk to yours and Mines’ information security. We understand this comes at the end of the semester as courses and exams are wrapping up, which is a busy time for you. We also know that we see increases in attacks at this time as well, which is why we are communicating this risk and remediation strategy as soon as possible.
Please take the following steps to ensure the safety of yours and Mines’ information.
If you own a Dell laptop or Dell desktop, please perform the following:
1) Download and run the Dell Security Advisory Update – DSA-2021-088 utility.
2) If you are unable to use the utility, manually check for the dbutil_2_3.sys driver and remove it if it is there.
Step 2a: Check the following locations for the dbutil_2_3.sys driver file
• C:\Users\<username>\AppData\Local\Temp
• C:\Windows\Temp
Step 2b: Select the dbutil_2_3.sys file and hold down the SHIFT key while pressing the DELETE key to permanently delete.*
*If Windows reports that it cannot delete the file because “The file is open or in use,” you can rename the file to dbutil_2_3.xxx, using the following command:
rename DBUtil_2_3.sys DBUtil_2_3.xxx
Then reboot. After you reboot, you can delete the renamed file.
NOTE: You must have administrator privileges to see and delete the file.
If you use an ITS-managed Dell laptop or Dell desktop, you do not need to take these steps as ITS will be performing this remediation automatically. If you are uncertain if your computer is impacted, please reach out to ITS by submitting a ticket through this service request: https://helpcenter.mines.edu/TDClient/1946/Portal/Requests/ServiceDet?ID=30099.
More information from Dell can be found at the following links:
• Dell Security Advisory DSA-2021-088
• Dell FAQs (PSQN)
If you have any outstanding questions, please put in a service request here: https://helpcenter.mines.edu/TDClient/1946/Portal/Requests/ServiceDet?ID=30099.
These steps can also be found in our Knowledge Base article: Dell Security Advisory – Vulnerability in Dell Computers Announced
Thank you,
Susan McMillin
Chief Information Security Officer
Information and Technology Solutions (ITS)
303-384-2699 | smcmillin@mines.edu