Dell eDellRoot Certificate Vulnerability
Dell recently notified Tier1net of a security vulnerability within its Dell Foundation Services that run on Dell PCs and laptops. This could allow for a man in the middle attack to decrypt sensitive data transmitted from a PC or laptop running the Dell Foundation Services software.
As part of Tier1Net’s standard pre-configuration process, the Dell Foundation Services are removed by default so Tier1net customer’s risk of exposure should be minimal. For the few client machines which have still have the software installed, Tier1Net will be running a tool to remove the vulnerability.
Dell has issued a statement apologizing for the oversight and will not be installing this certificate on any future machines.
For more on Dell’s statement, read below:
“Today we became aware that a certificate (eDellRoot), installed by our Dell Foundation Services application on our PCs, unintentionally introduced a security vulnerability. The certificate was implemented as part of a support tool and intended to make it faster and easier for our customers to service their system. The certificate is not malware or adware. Rather, it was intended to provide the system service tag to Dell online support allowing us to quickly identify the computer model, making it easier and faster to service our customers. This certificate is not being used to collect personal customer information. It’s also important to note that the certificate will not reinstall itself once it is properly removed using the recommended Dell process. We have posted instructions to permanently remove the certificate from your system here. We will also push a software update starting on November 24 that will check for the certificate, and if detected remove it. Commercial customers who reimaged their systems without Dell Foundation Services are not affected by this issue. Additionally, the certificate will be removed from all Dell systems moving forward.”