News Categories

Dell acknowledges eDellRoot certificate is unsafe, shows you how to remove it

By Ian Chee & Kenny Yeo - on 25 Nov 2015, 9:44am

Dell acknowledges eDellRoot certificate is unsafe, shows you how to remove it

Image source: Dell

Dell computers shipped after August could have a serious security flaw. The problem lies with a certificate called eDellRoot, which could allow attackers to intercept communications between the affected Dell computer and a HTTPS-enabled website.

Today, Dell has acknowledged that its eDellRoot certificate does indeed pose a security threat to users. However, they also want to emphasize that the certificate is not malware or adware.

According to Dell, the certificate was intended for Dell online support to quickly identify computer models, thus making it easier and faster for customers to receive support.

This is what Dell said:

Today we became aware that a certificate (eDellRoot), installed by our Dell Foundation Services application on our PCs, unintentionally introduced a security vulnerability. The certificate was implemented as part of a support tool and intended to make it faster and easier for our customers to service their system. Customer security and privacy is a top concern and priority for Dell; we deeply regret that this has happened and are taking steps to address it.

Dell has also posted instructions on how to remove the certificate from your system here.

However, if the instructions are too complicated for you, a software update will be issued soon that will check for the certificate and remove it automatically if detected.

Source: Dell