Script to patch your domain computers about the CVE-2021-21551. Privesc on machines that have the driver dbutil_2_3.sys, installed by some DELL tools (BIOS updater, SupportAssist...). It uses WinRM to invoke the checks on every domain-member computers. Tries to clean the vulnerable drivers & fullfill a .txt list with status.
- Just launch the script, it does the job :)
PS> ./CVE-2021-21551-remotefix.ps1
// Make sure that your clients are accessible with WinRM (PSRemoting). //
// Else not, you can modify the script to run locally by a scheduled task, pushed by GPO. //
PS> ./CVE-2021-21551-localfix.ps1
In case that you can't access to your domain computers with WinRM, you can push that script with a GPO scheduled task.
It will execute the script locally, clean the driver(s) and notify results by e-mail.
-
Update these these 3 args :
-
Create a GPO targeted to your computers to run the script