Dell devices bought since August affected by eDellRoot certificate

Dell Users for Windows-based laptops, desktops, tablets and other devices that were purchased before August need to check if their systems have the self-signed eDellRoot certificate that could compromise their private communications.
The certificate was deployed by Dell Foundation Services, an application that Dell loads beforehand on many of its devices in order to facilitate customer service and technical support functions.
After the certificate’s existence came in focus previously this week, Dell informed that it started deploying the certificate through a Dell Foundation Services version released in August. This forces many people to believe that only Dell devices bought since August were affected. That’s not exactly true. Older devices that had Dell Foundation Services installed may also have the certificate, if the tool was configured to receive automatic updates. A Dell Venue Pro 11 convertible Windows tablet in PCWorld’s possession that was bought in April was affected.
According to a Dell representative , “For those customers who already had Dell Foundation Services and opted in to updates, the eDellRoot certificate was part of versions 2.2/2.3 issued starting in August.”
“When you install DFS, it asks if you want to receive automatic updates,” the representative added. “Our customers who choose ‘yes’ receive the automatic updates.”
Still, since DFS comes preloaded on number of systems it is not clear at which point the user has to choose in to automatic updates. According to the tool’s release records, it is compatible with devices from several product lines, involving XPS, OptiPlex, Inspiron, Precision, Precision Tower, Vostro, Latitude and Venue Pro.
DSDTestProvider , a second Dell self-signed root certificate called has also been found. This certificate was installed on computers by the Dell System Detect (DSD) tool that users are caused to install when they to visit the Dell support website and click the “Detect Product” button.
This device is not preloaded on computers and only users who visited the Dell support website between Oct- 20 and Nov -24 were potentially caused to download a DSD version that included the certificate. Though, users had this application installed on their computers from previous visits to the Dell support website, DSD does not update itself automatically without the user visiting the website again and agreeing to install the latest version, according to the Dell representative.
Dell has provided a removal tool and published manual removal instructions for both the eDellRoot and DSDTestProvider. Users can test if they have these certificates on their systems by clicking the Windows key + r, typing certlm.msc and hitting Run. After allowing the Microsoft Management Console to execute, they can look for them in the Trusted Root Certification Authorities in Certificates list option.
Source :

Related Posts