Follow this guide to identify and remediate Dell firmware updater vulnerability DSA-2021-088 via MECM.
Systems
Microsoft Endpoint Configuration Manager (MECM), formerly SCCM
Intended Audience
University of Illinois IT Pros leveraging MECM, hosted by Technology Services' Endpoint Services team
Identify affected endpoints
In the MECM console, navigate to Assets and Compliance > Compliance Settings > Configuration Baselines
Select the 'Detect Dell dbutil_2_3.sys driver for DSA-2021-088' baseline and deploy the baseline to the relevant collection for your unit
Allow enough time for the baseline to run. To speed up policy evaluation, right-click the relevant collection, select 'Client Notification', then select 'Download Computer Policy'.
Remediate affected endpoints
Navigate to Assets and Compliance > Compliance Settings > Configuration Baselines
Select the 'Detect Dell dbutil_2_3.sys driver for DSA-2021-088' baseline, then select the 'Deployments' tab in the lower center pane
Right-click the deployment to your unit's collection, select 'Create new Collection', then select 'Non-Compliant'
While creating the collection, please rename the collection and add your unit's prefix (i.e. UIUC-YourUnit-DSA-2021-088).
Navigate to Assets and Compliance > Overview > Device Collections, right-click the new collection, select 'Move', then select the appropriate folder within your unit
Navigate to the collection's new location, right-click the collection, select 'Deploy', then select 'Program'
In the 'Deploy Software Wizard', select 'Browse' next to the 'Software' field, then select the 'Dell DSA-2021-088 remediation utility' program
Complete the wizard by selecting the 'Required' purpose, 'Never rerun deployed program' rerun behavior, along with your preferred schedule and user experience settings
Allow enough time for the program to run. To speed up policy evaluation, right-click the relevant collection, select 'Client Notification', then select 'Download Computer Policy'.
Based on the schedule specified in the baseline deployment and collection, endpoints will fall out of the collection as they become compliant. Right-click the collection and select 'Update Membership' for a current evaluation of non-compliant endpoints.