What you need to know
- Some Dell printer drivers have been flagged as malware by antivirus products.
- The issue was caught today by security and cybercrime journalist Brian Krebs.
- It's unclear what's going on with the drivers, but you likely want to avoid installing any updates for now.
Update November 10 (4:55 p.m. ET) — Dell pulls links, says it is investigating claims
Dell says that it has removed the files from public access and is investigating the claim that they are malicious. "Our cybersecurity team has removed the files (and the links to the files) and are investigating the claim that they are malicious," Dell said in a statement to Windows Central. "The files are no longer accessible to the public. The security of our networks and products is a top priority and critical to protecting our customers' information."
If you own a Dell printer, you'll likely want to avoid installing any driver updates for the time being. Several driver updates for Dell printers are currently being flagged as malware by antivirus engines. The issue was first spotted by investigative journalist Brian Krebs on Twitter.
If you're thinking about updating some drivers for your Dell devices today, maybe hold off a bit. Several driver downloads for printers on Dell's site are being detected by 24 or more antivirus products as malware. e.g. https://t.co/bw7BDof9CH result -> https://t.co/uWZ8d5dpQR — briankrebs (@briankrebs) November 10, 2020
Checking logs for some of the driver updates on VirusTotal shows that more than 24 engines have detected malware in the updates. Antivirus products that have detected the updates as malware include Avast, BitDefender, Microsoft, and McAfee, among others. All of them have detected the updates as either unsafe, general malware, or trojans.
It's unclear what's going on with the updates, whether it's something triggered on Dell's end or if a bad actor has modified the downloads. We've reached out to Dell for comment and will update this story when more information is available. For now, it would be wise to avoid installing any Dell printer driver updates if prompted.
Possible "Supply Chain" attack on Dell? Who writes their drivers? (Contractors, I'm sure.) Who posts them? How secure is that web site? Planting worms in printer drivers is a good way to distribute them, as many are either not digitally signed (32-bit) or are auto-signed with Dell's signature when compiled, whether they are clean or not.