Dell’s BioConnect Bug Has MAJOR Security Flaws Affecting 30 Million Users — How to Fix?

Dell's BioConnect firmware has multiple major security flaws that left 30 million users vulnerable to cyberattacks.

Dell’s BioConnect Bug Has Security Flaws that Affects 30 Millions Users — How to Fix?
MIAMI, FL - FEBRUARY 05: A customer looks at a Dell computer on display at the Electric Avenue store on February 5, 2013 in Miami, Florida. Dell Inc. today announced it will be taken private in a deal valued at about $24.4 billion. The company will be acquired by Dell founder and Chief Executive Michael S. Dell and global technology investment firm Silver Lake and Microsoft Corp. will invest $2 billion in the deal. by Joe Raedle/Getty Images

Security firm Eclypsium released a study revealing that 128 Dell computers, varying from laptops, desktops, and even tablets, are susceptible to being accessed by criminal minds.

According to Wired, firmwares have been opening vulnerabilities to cyber attackers for years. It comes as the foundational computer program does not receive constant security patches. Thus, security flaws sit alongside it for a long time.

With that, the user's devices could be accessed entirely without them noticing.

Dell BioConnect Bug Security Flaw

The security flaw persists even after installing a system that is meant to ease the vulnerability of firmware, such as Microsoft Secured-core PC protections.

Principal analyst of Eclypsium, Jesse Michael, told Wired that the flaws found on the BioConnect are simple to infiltrate. He further likened the process of exploiting it to traveling back to the 90s, wherein softwares are generally easy to hack.

Michael even noted that the application and operating systems have been leveling up their security features rapidly. However, firmware features are not subscribing to the standards that the two have set.

Its extent has led to Microsoft warning other businesses to upgrade the security of firmware as attacks flood.

Dell BioConnect: What is it?

Dell's BioConnect is part of the pre-installed SupportAssist feature of their Windows devices. It primarily helps in troubleshooting issues that the computer experiences.

Meanwhile, the BIOSConnect served as a recovery tool when the operating system is corrupted. Also, it provided updates for Dell's firmware. Update mechanisms such as these are the common targets of attackers as they can easily plant malware through it.

Both features connect to the cloud system of Dell. However, with this mere process alone, it has birthed multiple security flaws.

Dell BioConnect Four Security Flaws

The researchers have found four vulnerabilities that could lead to attacking an individual's device. The hackers will only need a single target. Then, they could remotely access a device through its firmware.

Although the security flaws did not pave the way for planting malware on a large scale, criminal minds could use it to attack one user at a time.

Furthermore, the absence of monitoring of the firmware could benefit the hackers to be undetected.

Dell BioConnect: How to Fix?

Dell said that users with auto-updates turned on will automatically get the quick fix of the security flaw. The company vowed to release an update within the day.

Otherwise, users will have to disable the BIOSConnect feature by accessing the BIOS setup page by following these steps.

  • Press F2 upon turning on the laptop of the computer
  • Click Update
  • Select Recovery
  • Press BIOSConnect
  • Then, click Switch to Off.

Elsewhere, Dell is planning to expand its hybrid cloud services in Thailand.

This article is owned by Tech Times.

Written by Teejay Boris

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics