Komputer jenama DELL sedang mengalami masalah keselamatan yang serius

 Ironinya sejak 12 tahun yang lepas masalah itu telah wujud tapi hanya dapat ditemukan baru-baru ini sahaja. Laporan mengenai penemuannya pada 04 May 2021 seperti berikut:

Dell desktops, laptops, and tablets built since 2009 and running Windows can be exploited to grant rogue users and malware system-administrator-level access to the computers. We're told this amounts of hundreds of millions of machines that can be completely hijacked.

This is made possible by five security vulnerabilities in Dell's dbutil_2_3.sys driver, which it bundles with its PCs. These are grouped under the label CVE 2021-21551, and they can be abused to crash systems, steal information, and escalate privileges to take total control. These programming blunders can only be exploited by applications already running on a machine, or a logged-in user.

"While we haven’t seen any indicators that these vulnerabilities have been exploited in the wild up till now, with hundreds of million of enterprises and users currently vulnerable, it is inevitable that attackers will seek out those that do not take the appropriate action," warned Kasif Dekel, a senior security researcher at SentinelOne who helped find the holes.

The flaws are within Dell's firmware update driver, and are fairly simple to abuse. Essentially, Dell's driver accepts system calls from any user or program on a machine; there are no security checks nor an access control list to see if the caller is sufficiently authorized or privileged. These system calls – specifically, IOCTL calls – can instruct the kernel-level driver to move the contents of memory from one address to another, allowing an attacker to read and write arbitrary kernel RAM. At that point, it's game over: the machine can be commandeered at the operating-system level, a rootkit installed, and so on.

The driver even allows anyone to make x86 I/O port reads and writes, granting access to the underlying hardware. In all, there are two memory corruption bugs, two instances of a lack of input validation, and one logic error – some are relatively easy and some tricky to exploit in practice. The SentinelOne team demonstrated a proof-of-concept attack on video, and aren't releasing any exploit code until June 1 to allow time to patch.

"Allowing any process to communicate with your driver is often a bad practice since drivers operate with the highest of privileges; thus, some IOCTL functions can be abused 'by design,'" they noted.

Dell has emitted a patched driver, and accompanying FAQ on the issue, after the bug hunters reported the flaws in December. The fix will also be pushed out from May 10.

"Dell has remediated the dbutil driver and has released firmware update utility packages for supported platforms running Windows 10, Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent and Dell Platform Tags," the computing behemoth said.

"For supported platforms on Windows when you install a remediated package containing the BIOS, Thunderbolt firmware, TPM firmware, or dock firmware; or update Dell Command Update, Dell Update, or Alienware Update; or install the latest version of Dell System Inventory Agent or Dell Platform Tags."

The infosec researchers note Dell hasn't rescinded the code-signing certificate for the insecure Windows driver yet. We've asked Dell if or when this is likely to occur and will update you accordingly.

Ini jelas memberi message kepada kita bahawa keselamatan penggunaan mobile phone, pelbagai apps, komputer, internet atau segala yang berkaitan IoT hanya betul-betul selamat jika tanpa jaringan internet. Oleh sebab itu, data penting anda perlu dipastikan disimpan pada device yang tidak bersambung dengan capaian internet.

Entah apa lagi masalah keselamatan yang dihadapi oleh pelbagai jenama dan masih belum ditemukan sehingga ke hari ini dan tahun-tahun mendatang. Sedangkan ramai pelajar, pekerja dan individu sangat bergantung dengan capaian internet.

Keselamatan data anda bukan hanya melibatkan antara negara, malah di dalam negara sendiri setiap individu perlu memastikan data anda tidak dapat di akses oleh pihak kedua. Data anda direkodkan dalam pelbagai bentuk antaranya seperti berikut:

  1. Teks
  2. Gambar
  3. Audio
  4. Video
  5. Co-ordinate
  6. Masa
  7. Lokasi
  8. Tarikh
  9. Contacts
  10. Calendar
  11. Reminder
  12. Bluetooth
  13. Local network
  14. Microphone
  15. Speech recognition
  16. Camera 
  17. Health
  18. Research Sensor & Usage Data
  19. Homekit
  20. Media & Music
  21. Files & Folders
  22. Motion & Fitness
  23. Kekerapan
  24. Jangka masa penggunaan
  25. Cap jari
Banyak lagi yang boleh diambil dari data anda dan ianya hanya betul selamat jika data tersebut tidak pernah dihubungkan ke internet atau tiada pihak kedua yang mengetahui kecuali anda sahaja. Oleh sebab itu sedarilah betapa banyak data anda telah, sedang dan akan diperolehi oleh pihak kedua, ketiga atau tular di internet.

Cara terbaik menjaga data anda sudah tentu tidak menghubungkannya dengan internet.

Comments

Post a Comment

Popular posts from this blog

Tawaran upgrade Unifi speed

AZRIZAINALABIDIN Artikal 130 - Panjang 7423 Seorang yang mengaku dari bahagian jualan atau tele-marketing di TM menghubungi mobile phone AZA untuk tujuan berikut 1. Meningkatkan kelajuan UNIFI speed yang AZA langgani kini dengan charge tambahan ke atas bil bulanan. 2. Status AZA yang bebas contract UNIFI akan diperbaharui dengan ikatan selama 2 tahun jika bersetuju. Charge akan jadi mahal jika AZA gunakan plan baru itu nanti dan akan terkesan dengan contract baru. 3. Hypp TV plan pula akan diberikan dengan plan channel maksima yang ada pada masa kini. Namun AZA sudah ada ASTRO dan AZA tidak menggunakan Hypp TV sedari mula AZA menggunakan UNIFI. Malah hardware Hyyp TV telah AZA buang. Jika AZA tak buang dulu, mungkin juga AZA akan pertimbangkan untuk stop langgan ASTRO dan gunakan Hyyp TV sahaja. 4. Panggilan yang AZA buat menggunakan talian tetap ke seluruh Malaysia pula akan dikenakan charge dan tidak lagi percuma jika AZA bersetuju dengan tawaran ini. Ketika dihubungi, A
Read more

Bagaimana untuk reset password maybank2u anda?

AZRIZAINALABIDIN Artikal 127 - Panjang 3979 Berikut adalah panduan dengan dua pilihan disediakan untuk anda reset password atau lupa password/username Maybank2u anda. User ID anda atau maybank2u kena blocked jika tiga kali login salah. Call Maybank di 1-300-88-66-88 untuk unblock ID anda. Pilihan seperti berikut: PILIHAN 1:MENGGUNAKAN MAYBANK2U PILIHAN 2:MENGGUNAKAN MAYBANK APP PILIHAN 1:MENGGUNAKAN MAYBANK2U 1. Pergi ke website maybank. Untuk keselamatan taip sendiri URL maybank iaitu https://www.maybank2u.com.my . 2. Pada screen nak login user name maybank2u, masukkan user name anda. Ni mesti kena betul. . 3. Selepas itu screen gambar yang anda pilih beserta phrase yang anda pilih, betul? Pastikan gambar dan phrase tu betul dahulu. Kalau salah call Maybank di 1-300-88-66-88. . 4. Kalau gambar dan phrase dah betul. Tap Yes . 5. Skrin MY PASSWORD akan dipaparkan. Tap pada FORGOT PASSWORD . 6. Skrin baru minta anda masukkan + CARD/ACCESS NO. + PIN NO. Jang
Read more

Cara guna Maybank E-Wallet (MAE)

AZRIZAINALABIDIN Artikal 331 - Berikut FAQ mengenai MAE Invite code AZA untuk MAE ialah abz1126 1. Who can open MAE? Below are the eligibilities: Age 12 and above Malaysian or Non Malaysian New bank or Existing bank customers Available from 6.00am to 11.00pm daily 2. What are the differences between MAE and other accounts? MAE is an e-Wallet, that allow customer to open Maybank eWallet account instantly under the Interoperable Credit Transfer Framework (ICTF) issued by Bank Negara Malaysia in 2018. 3. What do customer get from applying MAE? For New bank customers: Virtual Card MAE Account number M2U ID For Existing bank customers: New Account number, linked to their existing access. 4. What is the benefit to customers choosing MAE instead of other types of product with Maybank? Convenience of application, can apply through existing Maybank2u Mobile Application anytime, from anywhere. New lifestyle features that currently only offered via MAE i
Read more

Bangsa lebih penting - Artikal 1

Artikal 332 - Ketahui kajian mengenainya seperti berikut Despite sharing the same qualifications, language skills and experience, a job applicant’s race still plays a major factor in employment, a study has found. The study - conducted by Centre for Governance and Political Studies (Cent-GPS) - found that the resumes of Indians and Malays are the least likely to receive callbacks from employers in the private sector. On the other hand, the resumes of Chinese candidates dominated the callbacks by a huge margin, according to the centre in a statement Thursday (March 7). Over the past few months, Cent-GPS said it sent 3,829 job applications to more than 500 jobs. In each of these 500 jobs, seven nearly identical resumes were submitted, but represented by different fictitious ethnic group candidates - three Malays, two Chinese, and two Indians. The study ensured that all of the seven resumes had the same qualifications, experience, language ability (Bahasa Malaysia, English an
Read more

Penipu!

Artikal 330 - Bosan kan asyik kena tipu. Lantaklah apa nak jadi. Letih dah. Buat hal sendiri lagi bagus.
Read more
SELAMAT DATANG KE BLOG AZA

Google Blog AZA dengan taip "blog aza"

TELEGRAM MESSENGER

Kalau korang dapat apa-apa yang menarik di group korang, sila share ke telegram berikut.

Untuk apa-apa info umum di info umum

Untuk berkaitan Islam di share islam

Untuk berkaitan covid-19 di covid-19

Untuk berkaitan Blog AZA di Komuniti Blog AZA

CONTACT

Yang nak contact saya kat sini. Yang nak isi borang kat sini.


CARI ARTIKAL DI BLOG AZA

Taipkan apa-apa carian artikal berkaitan yang anda mahukan di Blog AZA yang terletak di penjuru atas sebelah kanan skrin yang berbentuk simbol kanta pembesar

SHARE

Cara untuk share mana-mana artikal dari Blog AZA, tap pada ikon share yang terletak pada sebelah kanan tajuk artikal ATAU pada sebelah kiri label di akhir setiap artikal

COVID-19

Korang boleh baca fakta sebenar mengenai covid-19 di GLOBAL REPORT 2019-nCOV novel coronavirus kerana tak boleh percaya jika sekadar teori / pendapat / asumsi / imaginasi.

APA MAKSUD FAKTA?

Fakta adalah korang tahu sesuatu terbukti benar makanya itu fakta korang. Korang ada fakta seperti gambar/video dan sebagainya. Jika fakta itu bukan milik korang ianya masih belum fakta, belum tentu kebenarannya kerana mungkin sahaja ianya tidak benar kerana pelbagai sebab seperti gambar/video di edit, data yang dimanipulasi seperti data di edit, data tidak real time makanya real time saat itu sebenarnya beda kerana data yang diberikan tidak tepat seperti jauh lebih lambat/cepat dan sebagainya. Ada fakta yang mempunyai expired date seperti hanya betul ketika tarikh itu sahaja. Contoh ada kajian selepas itu membuktikan ianya salah. Ada fakta yang sampai bila-bila betul. Contoh anda dilahirkan pada tarikh bla bla. Sampai bila-bila pun betul. Gitu.

Subscribe Blog AZA by enter your email address:

Delivered by FeedBurner

Senarai Penuh Label di Blog AZA

Show more