Microsoft cancels Patch Tuesday for some Dell users over surprise shutdowns, overheating devices
Mega hardware vendor reports problems - but Windows maker isn't yet naming affected models
Stay informed on Dell's latest in information security. Get updates, insights, and expert analysis on all Dell cybersecurity developments.
Search across headline titles and summaries.
Background for this topic.
Dell produces a wide range of computing hardware, including laptops, desktops, servers, and storage devices, many of which incorporate embedded security features such as hardware-based encryption, secure boot, and trusted platform modules (TPMs). These built-in protections help safeguard data at rest and ensure device integrity, which is critical for preventing unauthorized access and tampering at the firmware or hardware level.
Security practitioners must monitor Dell’s firmware and driver updates closely, as vulnerabilities in these components can expose systems to privilege escalation or persistent malware infections. Additionally, Dell’s management consoles and remote access tools, if misconfigured or unpatched, may present attack surfaces for lateral movement within enterprise networks. Maintaining timely patching and validating device configurations are essential defensive practices when managing Dell hardware in security-sensitive environments.
Weekly headline count for the current query.
Mega hardware vendor reports problems - but Windows maker isn't yet naming affected models
Microsoft is blocking this month's Windows 11 security updates on some Dell devices because they are causing shutdowns and performance issues. [...]
Dell Conference Speakers Say 67% of AI Innovation Is Running Outside the CloudDell predicts up to $4 trillion in AI infrastructure investment by 2030, with 67% of AI workloads are already run outside the cloud. If this estimate is even roughly correct, the idea that enterprise AI mainly exists in hyperscaler environments is more of a forced narrative than a market reality.
Dell confirmed that its SupportAssist software is causing blue-screen crashes on some Windows systems following a wave of user reports about random reboots affecting Dell devices since Friday. [...]
Dell's John Roese on Quantum Readiness, Cryptographic Inventory and Sovereign AIQuantum computing poses an existential threat to encryption systems built on asymmetric key management protocols, and most enterprises don't know where their cryptographic exposure begins. Dell Technologies' John Roese explains what to do now.
Dell's AI Blueprint for Identity, Agents and Agentic InfrastructureGoing all-in on AI with a top down strategy and a ravenous appetite for innovation has helped Dell transform its operations and grow revenue by $30 billion, and the company's evolution lays out a blueprint for how CIOs should think about building infrastructure for AI and managing an army of agents.
Hardcoded credential flaw in RecoverPoint already abused in espionage campaign Uncle Sam's cyber defenders have given federal agencies just three days to patch a maximum-severity Dell bug that's been under active exploitation since at least mid-2024.…
Also: EU Bans AI Tools, Notepad++ Secures Updater, Apple Patches iOS Zero-DayThis week, Cambodia shuttered 200 scam centers. EU Parliament banned AI tools. Canada Goose disputed a ShinyHunters leak. Notepad++ patched an updater flaw. Apple fixed a decades-old iOS zero-day. BeyondTrust and Dell patched critical flaws under active exploitation.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their systems within three days against a maximum-severity Dell vulnerability that has been under active exploitation since mid-2024. [...]
Dell, however, is welcome to help build a local-language LLM Poland’s Ministry of Defence has banned Chinese cars – and any others include tech to record position, images, or sound – from entering protected military facilities.…
A China-related attacker has exploited the vendor flaw since mid-2024, allowing it to move laterally, maintain persistent access, and deploy malware.
A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected China-nexus threat cluster dubbed UNC6201 since mid-2024, according to a new report from Google Mandiant and Google Threat Intelligence Group (GTIG)
Mandiant reveals campaign featuring exploit of a CVSS 10.0 CVE in Dell RecoverPoint for Virtual Machines
Full scale of infections remains 'unknown' China-linked attackers exploited a maximum-severity hardcoded-credential bug in Dell RecoverPoint for Virtual Machines as a zero-day since at least mid-2024. It's all part of a long-running effort to backdoor infected machines for long-term access, according to Google's Mandiant incident response team.…
A suspected Chinese state-backed hacking group has been quietly exploiting a critical Dell security flaw in zero-day attacks that started in mid-2024. [...]
The Register looks forward to a briefing on Dell’s future hyperscale sovereign SaaS platform Dell CEO Michael Dell is part of the consortium that intends to acquire TikTok’s US operations, according to US president Donald Trump.…
A bug in the control board that connects peripheral devices in commonly used Dell laptops allowed malicious access all the way down to the firmware running on the device chip, new research finds.
Philippe Laulheret of Cisco Talos on Vulnerabilities in ControlVault FirmwareSecurity flaws in Dell's ControlVault firmware allowed attackers to run code on the chip, extract stored secrets and alter its behavior. By chaining these exploits, they could send malicious data to Windows components, said Philippe Laulheret, senior vulnerability researcher at Cisco Talos.
Cybersecurity researchers have uncovered multiple security flaws in Dell's ControlVault3 firmware and its associated Windows APIs that could have been abused by attackers to bypass Windows login, extract cryptographic keys, as well as maintain access even after a fresh operating system install by deploying undetectable malicious implants into the firmware
The now-patched vulnerabilities exist at the firmware level and enable deep persistence on compromised systems.