Have you recently bought a brand new Dell computer or laptop, it could very well come with a very dangerous security flaw. The flaw means that malicious websites or software could be automatically trusted by Dell’s security software. It also means you are vulnerable to attack, when using public Wi-Fi networks, to the so-called ”man-in-the-middle” attacks.
Dell has acknowledged that a self-signed root certificate called eDellRoot, that comes pre-installed on its new PCs, introduces the security vulnerability. The certificate was implemented as part of a support tool and it was intended to make it faster and much easier for its customers to service their system. However, being a “self-signed” certificate, eDellRoot enables attackers to intercept traffic from an affected Dell laptop and any HTTPS-enabled website. The hacker can then act as proxy between the laptop computer and the website by re-encrypting the traffic with a rogue certificate that is signed with the eDellRoot private key.
It is not yet clear how many of the Dell computer models are affected, although users have reported findings on their Dell XPS 15 and XPS 13 models, as well as a Latitude and an Inspiron 5000 series model.
Dell is now providing its customers with removal instructions and they say it will not be added to new devices going forward. The removal instructions can be downloaded here.
Dell fishing for trouble with this latest security flaw
It is an extremely embarrassing situation for Dell as a company, which publicly criticised its competitor Lenovo in February this year when Lenovo pre-installed a program called Superfish that included a self-signed root certificate.
As one Dell XPS 15 laptop user says, “To add insult to injury, it’s not even apparent what purpose the certificate serves. At least with Superfish we knew that their rogue root CA was needed to inject ads into your web pages; the reason Dell’s is there is unclear.”
If you have recently bought a Dell computer or laptop and would like to see if you are affected by this, go to Start -> type “certmgr.msc” -> (accept on UAC prompt) -> Trusted Root Certification Authorities -> Certificates and check if you have an entry with the name “eDellRoot”.
If you are having difficulties checking your machine or just feel uncomfortable doing so AJR will be more than happy to check your new Dell machine for you free of charge, We can perform this check remotely over the internet.