Dell creates security vulnerability unintentionally

Reddit.com discovered that Dell new laptops come pre-loaded with a self-signed root CA (Certificate Authority) by the name of eDellRoot. Apparently, Dell  are shipping every laptop they distribute with the exact same root certificate and private key, very similar to what Superfish did on Lenovo computers. For those that aren’t familiar, this is a major security vulnerability that endangers all recent Dell customers.

Dell admitted that the certificate (eDellRoot) installed by Dell Foundation Services application on new PCs, unintentionally introduced a security vulnerability. The certificate was implemented as part of a support tool and intended to make it faster and easier to service customers systems.

Dell posted instructions how to permanently remove the certificate from customers systems here.

Read more here – https://www.reddit.com/r/technology/comments/3twmfv/dell_ships_laptops_with_rogue_root_ca_exactly/

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top