/build/static/layout/Breadcrumb_cap_w.png

Repeated attempts to install "DBUtil removal tool"

For the last few days we've had reports of Kace Dell Updates attempting to run"DBUtil removal tool," and then requesting a reboot. The patch shows as Not Installed on every connected system. Is anybody else experiencing this?

Name: DBUtil Removal Utility,2.5.0,A03

Package: 8GG09

Released: 08/20/2021

ID: PTCH273578


0 Comments   [ + ] Show comments

Answers (3)

Answer Summary:
Posted by: barchetta 4 weeks ago
Orange Senior Belt
2

I opened a ticket with KACE on this.   They blame the issue on Dell.   So end of story. set it to 1 try because KACE wont do anything about it.

Posted by: Nick_F 1 week ago
Senior White Belt
1

Top Answer

I just created a script to remove the vulnerable file if it is present.  When Dell drivers are checked, it will install the new file the next time it updates.


Here's the script I use:

$users = Get-ChildItem C:\Users | select Name


foreach ($user in $users) {

    if (Test-path 'C:\users\$user.name\appdata\local\temp\dbutil_2_3.sys'){

        Remove-Item 'C:\Users\$user.name\appdata\local\temp\dbutil_2_3.sys'

        Write-Host Removed dbutil_2_3.sys for $user.name

    }

    else{

        Write-Host dbutil_2_3.sys was not found for $user.name

    }

}


If (Test-Path "C:\windows\Temp\dbutil_2_3.sys") {

    Remove-Item "C:\windows\Temp\dbutil_2_3.sys"

    Write-Host "dbutil_2_3.sys has been removed from C:\Windows\Temp"

     }

     else {

        Write-Host "dbutil_2_3.sys was not found in C:\Windows\Temp"

     }

Posted by: Channeler 1 month ago
Red Belt
1

It's a tool from DELL, to remove vulnerable drivers.

See:
https://www.dell.com/support/kbdoc/en-pa/000190105/dsa-2021-152-dell-client-platform-security-update-for-an-insufficient-access-control-vulnerability-in-the-dell-dbutildrv2-sys-driver#:~:text=Manually%20download%20and%20run%20the,or%202.6%20of%20the%20DBUtilDrv2.

According to that article, a reboot is mandatory in order to complete the installation.

But actually, nothing it's installed, it's up to the tool to decide what remove or leave as is.

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ