Systems Management

I opened a ticket with KACE on this.   They blame the issue on Dell.   So end of story. set it to 1 try because KACE wont do anything about it.

It's a tool from DELL, to remove vulnerable drivers.

See:
https://www.dell.com/support/kbdoc/en-pa/000190105/dsa-2021-152-dell-client-platform-security-update-for-an-insufficient-access-control-vulnerability-in-the-dell-dbutildrv2-sys-driver#:~:text=Manually%20download%20and%20run%20the,or%202.6%20of%20the%20DBUtilDrv2.

According to that article, a reboot is mandatory in order to complete the installation.

But actually, nothing it's installed, it's up to the tool to decide what remove or leave as is.

I just created a script to remove the vulnerable file if it is present.  When Dell drivers are checked, it will install the new file the next time it updates.

Here's the script I use:

$users = Get-ChildItem C:\Users | select Name

foreach ($user in $users) {

    if (Test-path 'C:\users\$user.name\appdata\local\temp\dbutil_2_3.sys'){

        Remove-Item 'C:\Users\$user.name\appdata\local\temp\dbutil_2_3.sys'

        Write-Host Removed dbutil_2_3.sys for $user.name

    }

    else{

        Write-Host dbutil_2_3.sys was not found for $user.name

    }

}

If (Test-Path "C:\windows\Temp\dbutil_2_3.sys") {

    Remove-Item "C:\windows\Temp\dbutil_2_3.sys"

    Write-Host "dbutil_2_3.sys has been removed from C:\Windows\Temp"

     }

     else {

        Write-Host "dbutil_2_3.sys was not found in C:\Windows\Temp"

     }