Users on Reddit.com discovered that new Dell laptops come pre-loaded with a self-signed root CA (Certificate Authority) certificate named eDellRoot. Apparently, Dell is shipping every laptop it distributes with the exact same root certificate and private key, very similar to what Superfish did on Lenovo computers. For those who aren’t familiar, this is a major security vulnerability that endangers all recent Dell customers.
Dell admitted that the certificate (eDellRoot), installed by the Dell Foundation Services application on new PCs, unintentionally introduced a security vulnerability. The certificate was implemented as part of a support tool and was intended to make it faster and easier to service customers' systems.
Dell posted instructions on how to permanently remove the certificate from customers' systems here.
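To check whether a Windows machine carries the certificate described above, the following PowerShell audit lists trusted-root entries whose subject contains eDellRoot. This is an added example, not Dell's removal tool or code from the original article. The function name `Get-SuspectRootCert` is hypothetical, matching is done on the subject name only, and the check goes one step beyond the article by also flagging any trusted root whose private key is stored locally, which is the condition the article describes.

```powershell
# Added example: audit the trusted-root stores for the certificate named in the article.
$targetName = 'eDellRoot'   # certificate name as given in the article
$stores     = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'

function Get-SuspectRootCert {   # hypothetical helper name
    param(
        [string[]]$StorePath,
        [string]$Name
    )
    foreach ($path in $StorePath) {
        if (-not (Test-Path $path)) { continue }
        foreach ($cert in Get-ChildItem -Path $path) {
            $nameMatch = $cert.Subject -match [regex]::Escape($Name)
            # A trusted root normally has no private key on the endpoint.
            # A root that does can be used to sign certificates the machine will trust.
            if ($nameMatch -or $cert.HasPrivateKey) {
                [pscustomobject]@{
                    Store         = $path
                    Subject       = $cert.Subject
                    Thumbprint    = $cert.Thumbprint
                    NotAfter      = $cert.NotAfter
                    HasPrivateKey = $cert.HasPrivateKey
                    SelfSigned    = ($cert.Subject -eq $cert.Issuer)
                    Reason        = if ($nameMatch) { "subject matches $Name" }
                                    else { 'trusted root with local private key' }
                }
            }
        }
    }
}

$findings = @(Get-SuspectRootCert -StorePath $stores -Name $targetName)
if ($findings.Count -eq 0) {
    Write-Output "No $targetName entry and no root with a local private key found."
} else {
    $findings | Format-List
}
```

Run it from an elevated prompt so the LocalMachine store is fully readable; a finding here only reports the certificate and does not remove it.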