Dell Driver Exploit Is Still Possible, Even After May Security Update

A set of five vulnerabilities in Dell drivers have been disclosed in May 2021 after 12 years of being exploitable. However, despite the security update that came in the same month, the update didn't fix the write-what-where condition but only limited access to administrative users. According to security researchers, it is still possible to use Bring Your Own Vulnerable Driver technique to exploit vulnerable driver to elevate privileges or execute the code. Read more...