デル製PCのBIOS機能に脆弱性

3,000万台のデル製PCのBIOS機能に脆弱性。更新または機能無効化を推奨 (06/25)

https://pc.watch.impress.co.jp/docs/news/1334079.html

DSA-2021-106: Dell Client Platform Security Update for Multiple Vulnerabilities in the BIOSConnect and HTTPS Boot features as part of the Dell Client BIOS

https://www.dell.com/support/kbdoc/ja-jp/000188682/dsa-2021-106-dell-client-platform-security-update-for-multiple-vulnerabilities-in-the-supportassist-biosconnect-feature-and-https-boot-feature

回避策と緩和策

BIOSを最新版にする事が推奨されているが、出来ない場合は次の緩和策を。 

BIOSConnect:

Customers may disable the BIOSConnect feature using one of two options:

Option 1: Customers may disable BIOSConnect from the BIOS setup page (F2). 

Option 2: Customers may leverage Dell Command | Configure (DCC)’s Remote System Management tool to disable the BIOSConnect and Firmware Over the Air (FOTA) BIOS settings. 

HTTPS Boot:

Customers may disable the HTTPS Boot feature using one of two options:

Option 1: Customers may disable BIOSConnect from the BIOS setup page (F2). 

Option 2: Customers may leverage Dell Command | Configure (DCC)’s Remote System Management tool to disable HTTP Boot Support.