After One Root Certificate Another Detected on Dell Computers Along with Tracking Vulnerability

Following the discovery of one root certificate that of its own performed digital signatures within Dell laptop and desktop PCs enabling exploitation for launching MitM (man-in-the-middle) assaults, security researchers detected another similar certificate as well as one security flaw capable of enabling user activity tracking, published securityweek.com dated November 25, 2015.

According to the researchers, consumer and commercial computers from Dell that execute software known as Dell Foundation Services contain eDellRoot name of one root certificate as well as its personal key. A cyber-miscreant if abuses this weakness could tap communications of HTTPS type while seize critical data else deliver malicious software to victims.

Explaining the above stand, Dell stated that the company had packed the certificate starting August 2015 along with its Dell Foundation Services updates. The root certificate enabled employees towards recognizing the PC model during sale to customers.

Once the alarm was raised, steps on how the root certificate could be removed came from Dell and the company began thrusting fresh updates created for erasing eDellRoot.

Nevertheless, there's one more certificate included into the Dell systems which MitM attackers could exploit. To install and utilize this other certificate is the application namely Dell System Detect that contains the features "Detect Product" to assist end-users recognize their laptop's technical details along with model and make.

Immediately like eDellRoot, there's another application called DSDTestProvider that too is loaded to Windows together with its personal key. Attackers can use this for extracting data to subsequently utilize the same for executing MitM assaults, delivering horrendous malware supposedly from an authentic place.

Dell has offered directions to customers regarding the way they can manually erase the certificate, while further plans towards providing software update for its PCs for checking if the certificate is present as also how to subsequently eliminate it.

Meanwhile, in 2015, a similar case of vulnerability in out-of-the-box computer was found with Lenovo laptops caused from one pre-loaded application known as Superfish. This program changed hits from online search for displaying various advertisements; however, it as well meddled with the PC's inbuilt security. The problem finally got resolved through one special tool.

» SPAMfighter News - 12/1/2015