Dell apologizes for root certificate issues and releases fix

Photo: Leyram Odacrem

Dell, as previously reported , released Dell XPS 15 laptops with a root certificate pre-installed in the operating system, the key and password of which are the same in all laptops of this model. Thus, the safety of laptop owners was in jeopardy. Dell quickly recognized the issue and also released a software tool that addresses this issue.

Initially, the eDellRoot certificate was intended to facilitate the work with the system for its owner. But in fact, the coincidence of logins and passwords is fraught with the possibility of a MitM attack with the interception and arbitrary change of encrypted data.

Dell wrote on this subject: “The certificate is not malware or adware. This is a tool that allows a company support to quickly identify a device model, making it easier for the user to maintain the system. However, the certificate does not collect user personal data. It is also important to remember that the certificate is not reinstalled if deleted. ”

Users who have noticed eDellRoot can delete the certificate using the installer . In order to check the availability of this certificate, you can click here on this link . If the user's computer is affected by the above vulnerability, the resource will report this.

You can check for a certificate manually. This requires:

• go to the "start" menu, type mmc, press Enter;
• File -> Add / Remove Snap in;
• Select certificates and click “Add”;
• Select an account and click Next;
• Select Local computer and click Finish;
• OK
• List the certificates and Root Certification Authorities;
• We select the folder with certificates, and see if there is eDellRoot.

If desired, the file can be deleted.

What else?

Generally speaking, the danger can be even more serious than is considered. So, the other day Duo Security published data on a problem with a Dell certificate from one of the SCADA systems. Such systems are usually responsible for power networks, dam management, industrial processes.

The second problem associated with the same certificate is a simple password for connecting via Bluetooth to the Dell laptop service software of the indicated models. This is a t-span, and picking up a similar combination of letters and symbols is a matter of a couple of minutes. True, the certificate is no longer valid, its validity has come to an end in March 2013, so the problem is not so serious.

The good point in this story is Dell’s fast response. The company apologized and thanked the information security specialists who discovered the problem.