Dell Trusted Device Technical Advisories v3.2 May 2021 Rev.
Notes, cautions, and warnings NOTE: A NOTE indicates important information that helps you make better use of your product. CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the problem. WARNING: A WARNING indicates a potential for property damage, personal injury, or death. © 2019 - 2021 Dell Inc. All rights reserved.
Contents Chapter 1: Technical Advisories.....................................................................................................5 Contact Dell ProSupport....................................................................................................................................................5 New Features and Functionality v3.2............................................................................................................................. 5 Resolved Security Advisories v3.
New Features and Functionality v2.3............................................................................................................................13 Resolved Technical Advisories v2.3...............................................................................................................................13 Technical Advisories v2.3.................................................................................................................................................
1 Technical Advisories The Dell Trusted Device agent is part of the Dell SafeBIOS product portfolio. The Trusted Device agent includes BIOS Verification, Image Capture, and BIOS Events & Indicators of Attack. BIOS Verification provides customers with affirmation that devices are secured below the operating system, a place where IT administrator visibility is lacking. It enables customers to verify BIOS integrity using an off-host process without interrupting the boot process.
Resolved Technical Advisories v3.2 ● Security Risk Protection Score now displays the correct Firewall status after a new Trusted Device installation. [DPS-3017] Technical Advisories v3.2 ● After upgrades from earlier versions, the Trusted Device service log may contain IOCTL errors. These errors occur as a result of a communication issue to previous versions of the Trusted Device driver. As a workaround, after the required upgrade reboot, reboot the computer.
Resolved Security Advisories v3.0 ● The Trusted Device certificate verification workflow has been hardened. [DPS-2466] Resolved Technical Advisories v3.0 ● The following error message displays when Trusted Device is installed on a non-Dell computer. [DPS-2560] ● An issue resulting in service crash if Trusted Device is installed on an unsupported platform is resolved. [DPS-2612] Technical Advisories v3.
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ Latitude 9410 Latitude 5310 Latitude 5410 Latitude 3311 Latitude 9410 2-in-1 Latitude 9510 Latitude 9510 2-in-1 Latitude 7210 2-in-1 Latitude 5310 2-in-1 Latitude 5510 Latitude 7310 2-in-1 Latitude 3510 Latitude 3410 Latitude 3310 2-in-1 Latitude 3310 Latitude 7410 Latitude 7410 2-in-1 Latitude 7310 Latitude 5411 Latitude 5511 Latitude 7220 Rugged Tablet Latitude 7220 Rugged Extreme Tablet OptiPlex 3280 OptiPlex 5480 All-In-One
Technical Advisories v2.10 ● After computer restart, BIOS Verification may identify a supported platform as unsupported. As a workaround, run BIOS Verification again. [DPS-2555] New Features and Functionality v2.9 ● Trusted Device now includes Security Risk Protection Score. Security Risk Protection Score enables administrators to determine the security risk level of computers in their enterprise. Trusted Device scans and detects the below security solutions and assigns a score per overall risk assessment.
● Dell.TrustedDevice.Service.exe.config has been removed from the Trusted Device installer. Resolved Security Advisories v2.8 ● The Trusted Device signing process is hardened. [DPS-1029] Resolved Technical Advisories v2.8 ● A rare issue resulting in a partial memory leak when reading or writing files is resolved. [DPS-2187] ● Uninstallation now removes Microsoft.IdentityModel.Protocols.OpenIdConnect.dll as expected.
○ ○ ○ ○ ○ ○ ○ ○ Precision 3640 Precision 5550 Precision 5750 Precision 7550 Precision 7750 XPS 13 9300 XPS 15 9500 XPS 17 9700 Resolved Security Advisories v2.7 ● An issue that allowed BIOS images to be redirected and written to an insecure location on the hard drive is resolved. [DPS-1920] Resolved Technical Advisories v2.7 ● Indicator of Attack detection is improved. [DPS-2129] ● An issue resulting in unrecorded Indicators of Attack is resolved. [DPS-2212] Technical Advisories v2.
Technical Advisories v2.6 ● In rare scenarios, Indicators of Attack are not recorded due to a missing registry entry. As a workaround, reboot the computer. [DPS-2212] New Features and Functionality v2.5 ● The Trusted Device agent now detects additional Indicators of Attack. ● Event Viewer Source names are standardized for BIOS Verification and BIOS Events & Indicators of Attack. Resolved Security Advisories v2.
● Installs are no longer blocked on the Dell Latitude 3400 and Latitude 3500 and Trusted Device functions as expected. [DPS-1616] Technical Advisories v2.4 ● In rare scenarios, BIOS Verification yields a false failure after login. As a workaround, run the Trusted Device agent again. [DPS-1901] New Features and Functionality v2.3 ● The Trusted Device agent now detects additional Indicators of Attack. ● The Trusted Device agent now monitors directories to ensure critical files are not deleted or tampered.
● After installation, during initial verification, BIOS Verification displays error 7 in logs. As a work-around, run the Trusted Device agent again for accurate BIOS Verification. [DPS-1371] New Features and Functionality v2.1 ● Trusted Device documentation (previously BIOS Verification) is now located on the following landing page: https:// www.dell.com/support/home/us/en/19/product-support/product/trusted-device/docs. ● The BIOS Verification agent is now rebranded to the Dell Trusted Device agent.
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ Latitude 7400 2-in-1 Optiplex 7070 Ultra Optiplex 7071 Tower Precision 3540 Precision 3541 Precision 5540 Precision 7540 Precision 7740 XPS 13 7390 XPS 13 7390 2-in-1 XPS 15 7590 Resolved Technical Advisories v2.1 ● The Trusted Device product version is now in logging. [DPS-1194] Technical Advisories v2.1 ● Added May 4, 2020 - The Dell Latitude 3400 and Dell Latitude 3500 currently experience an issue waking from sleep mode with Trusted Device installed.
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ 16 Latitude 3190 2-in-1 Latitude 3300 Latitude 3380 Latitude 3480 Latitude 3490 Latitude 3580 Latitude 3590 Latitude 5280 Latitude 5285 Latitude 5289 Latitude 5290 Latitude 5290 2-in-1 Latitude 5420 Latitude 5424 Latitude 5480 Latitude 5490 Latitude 5491 Latitude 5495 Latitude 5580 Latitude 5590 Latitude 5591 Latitude 7280 Latitude 7285 Latitude 7290 Latitude 7380 Latitude 7389 Latitude 7390 Lat
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ Precision 5520 Precision 5530 Precision 5530 2-in-1 Precision 5820 Tower Precision 5820 XL Tower Precision 7520 Precision 7530 Precision 7720 Precision 7730 Precision 7820 Tower Precision 7920 XL Tower XPS 13 9365 XPS 13 9380 XPS 15 9560 XPS 15 9570 XPS 15 9575 Resolved Technical Advisories v1.6 ● No technical advisories exist. Technical Advisories v1.6 ● In rare occurrences, BIOS Verification incorrectly interprets supported devices as unsupported.
Resolved Technical Advisories v1.4 ● BIOS Verification no longer requires US time/date format to properly communicate with Dell Cloud. [DPS-700] Technical Advisories v1.4 ● No technical advisories exist. New Features and Functionality v1.3 ● BIOS Verification v1.3 now supports the following platforms: ○ Optiplex 7070 ○ Optiplex 7071 Tower Resolved Technical Advisories v1.3 ● When changing the Image Store directory, BIOS Verification now verifies write access to the destination directory.
New Features and Functionality v1.1 ● The following platforms are supported with BIOS Verification v1.1: ○ Latitude 5401 ○ Latitude 7540 ○ Latitude 7740 ○ XPS 7390 ● BIOS Verification now uses Microsoft's assembly versioning convention. Resolved Technical Advisories v1.1 ● BIOS Verification results now render properly in Internet Explorer. [DPS-9] ● BIOS Verification results now open in the user's default browser. [DPS-142] ● Authentication between BIOS Verification and Dell Cloud is hardened.
