Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
Dell BIOS Upgrade Utility and 7z SFX
Message
<blockquote data-quote="Parsh" data-source="post: 879181" data-attributes="member: 58090"><p>I downloaded DELL System BIOS update utility for my Inspiron laptop from the <a href="https://www.dell.com/support/home/in/en/inbsd1/?app=drivers" target="_blank">official drivers download page</a> — it has its vendor and application name as below<span style="font-family: 'courier new'"><span style="color: rgb(251, 160, 38)"><strong>(1)</strong></span></span>:</p><p></p><p>[ATTACH=full]238716[/ATTACH]</p><p></p><p>It looks like a self-extracting executable program created using 7z's SFX module for installers. The file is digitally signed by Dell <img class="smilie smilie--emoji" loading="lazy" alt="✅" title="Check mark button :white_check_mark:" src="https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2705.png" data-shortname=":white_check_mark:" /> so it would run without issues.</p><p>If the above is standard because the 7z (SFX stub) is holding the main Dell BIOS utility executable, should they not use another way in which the downloaded exe identifies well with the brand? I am taking the perspective of an average user, ambiguity and trust.</p><p>For such a large corporation, the application and vendor name should reflect association and ownership of Dell, shouldn't it?</p><p></p><p>EDIT: I just checked their BIOS utility for a few <u>business</u> laptops —old Latitude model and a newer Precision model. They have vendor name as one would expect:</p><p>[ATTACH]238717[/ATTACH]</p><p></p><p>I've also seen similar practice <span style="font-family: 'courier new'"><span style="color: rgb(251, 160, 38)">(1)</span></span> in cases like Shadow Defender and Firefox setup stub (years back).</p><p></p><p>[ATTACH]238711[/ATTACH] [ATTACH]238712[/ATTACH]</p></blockquote><p></p>
[QUOTE="Parsh, post: 879181, member: 58090"] I downloaded DELL System BIOS update utility for my Inspiron laptop from the [URL='https://www.dell.com/support/home/in/en/inbsd1/?app=drivers']official drivers download page[/URL] — it has its vendor and application name as below[FONT=courier new][COLOR=rgb(251, 160, 38)][B](1)[/B][/COLOR][/FONT]: [ATTACH type="full" alt="Screenshot (92).png"]238716[/ATTACH] It looks like a self-extracting executable program created using 7z's SFX module for installers. The file is digitally signed by Dell ✅ so it would run without issues. If the above is standard because the 7z (SFX stub) is holding the main Dell BIOS utility executable, should they not use another way in which the downloaded exe identifies well with the brand? I am taking the perspective of an average user, ambiguity and trust. For such a large corporation, the application and vendor name should reflect association and ownership of Dell, shouldn't it? EDIT: I just checked their BIOS utility for a few [U]business[/U] laptops —old Latitude model and a newer Precision model. They have vendor name as one would expect: [ATTACH alt="Screenshot (100).png"]238717[/ATTACH] I've also seen similar practice [FONT=courier new][COLOR=rgb(251, 160, 38)](1)[/COLOR][/FONT] in cases like Shadow Defender and Firefox setup stub (years back). [ATTACH alt="Screenshot (97).png"]238711[/ATTACH] [ATTACH alt="Screenshot (96).png"]238712[/ATTACH] [/QUOTE]
Insert quotes…
Verification
Post reply
Top