Dell has admitted that a root certificate that was preinstalled on some of its laptops and computers has inadvertently introduced a security vulnerability.
eDellRoot, as it is known, is designed to make it simpler and quicker for users to “service their system”, the tech company explained.
However, as many experts have pointed out, this exposes users. For example, a cybercriminal could exploit the flaw to spy on individuals as they shop and bank online (man-in-the-middle attack).
Dell was keen to point out that this certificate should not be confused with being malware or adware.
“Rather, it was intended to provide the system service tag to Dell online support allowing us to quickly identify the computer model, making it easier and faster to service our customers,” it elaborated.
“This certificate is not being used to collect personal customer information. It’s also important to note that the certificate will not reinstall itself once it is properly removed using the recommended Dell process.”
The guidelines, which can be found here, offers users the opportunity to permanently remove eDellRoot from their device.
Further, Dell has stated that as of November 24th, it will “push a software update” that will check for the certificate. If detected, it will be deleted.
News of this security vulnerability first emerged on Reddit. One user, who had been troubleshooting an issue he had with his new laptop, “discovered that it came pre-loaded with a self-signed root certificate authority”.
“After briefly discussing this with someone else who had discovered this too, we determined that they are shipping every laptop they distribute with the exact same root certificate and private key,” he went on to say in his post.
“[This is] very similar to what Superfish did on Lenovo computers. For those that aren't familiar, this is a major security vulnerability that endangers all recent Dell customers.”
