Common vulnerabilities and exposures (CVEs) put organizations and their employees at risk daily and are one of the primary reasons PCs are managed and updated. Why? Hardware-level threats are greatly increasing as OS-level targets are hardened and attackers seek softer, less well-defended points of entry. In a 2023 study, the Futurum Group found that device-level attacks are up 1.5x since the pandemic. CVEs are an attacker’s gateway to your critical apps and data. Not only are attackers becoming more sophisticated in their methods, but the total number of CVEs is also expected to further increase by 25% in 2024.
It’s likely your team is already looking into ways to improve visibility into CVEs. A global survey of IT and security professionals conducted by ESG shows that organizations’ top evaluation criteria when they source new hardware are automated workflows for detecting BIOS firmware events and high-risk configurations.
In this world, knowledge—and automation—are powerful. Intelligent PCs, designed with security in mind with the right tools to manage them, can contribute to the overall health of your fleet. Dell commercial PCs do just that, with built-in security features (many of which are unique to Dell) designed to catch and repel threats before they do damage. We’re on a mission to secure your workspace and are pleased to announce a brand-new feature aimed at reducing the attack surface even further: CVE Detection.
Available via our Dell Trusted Device Application (DTD App) as of v.6.3, and part of the Dell SafeBIOS umbrella of protections, CVE Detection is a built-in monitoring feature that scans for publicly reported security flaws on a device and provides recommendations on how to fix them.
With CVE Detection in place, IT teams can proactively assess device health against a database of publicly disclosed computer security flaws maintained in the U.S. National Vulnerability Database. Automating this critical, time-intensive workflow contributes to a stronger security posture and greater operating efficiency—i.e., additional value at no added cost. CVE Detection is designed to look for vulnerabilities specific to a PC model, recommending BIOS updates to mitigate the risk of exposure.
The first version of CVE Detection launches for BIOS vulnerabilities. In the future, we plan to extend the capabilities to cover application, drivers and other firmware vulnerabilities. Additionally, we’ll push the CVE Detection insights into the Microsoft Intune environment in the coming months.
To access the latest features on Dell commercial PCs, continue to keep the DTD App* up to date. We release (e.g., new features, patches, etc.) every month. Read our DTD Below-the-OS white paper for more detail or reach out to us to learn what makes Dell the industry’s most secure commercial PCs.**
* Factory installed for all Dell commercial PCs.
** Based on Dell internal analysis, September 2023. Applicable to PCs on Intel processors. Not all features available with all PCs. Additional purchase required for some features.
*** This blog was originally posted to Dell.com