It was only a few months ago when Lenovo were accused of installing hidden adware in their computers, but now Dell have also been accused of a similar matter with a plugin dubbed eDellRoot.
Like Lenovo’s Superfish adware, it has been discovered that Dell have been sending out PC’s and laptops with a hidden security hole called eDellRoot. This means specific affected computers are being shipped from manufacture with a pre-installed trusted root certificate (called eDellRoot) that can intercept HTTPS encrypted traffic for any website the user visits.
Dell have swiftly come forward announcing that eDellRoot is an unintentional security flaw:
Customer security and privacy is a top concern and priority for Dell. The recent situation raised is related to an on-the-box support certificate intended to provide a better, faster and easier customer support experience. Unfortunately, the certificate introduced an unintended security vulnerability. To address this, we are providing our customers with instructions to permanently remove the certificate from their systems via direct email, on our support site and Technical Support. We are also removing the certificate from all Dell systems moving forward. Note, commercial customers who image their own systems will not be affected by this issue. Dell does not pre-install any adware or malware. The certificate will not reinstall itself once it is properly removed using the recommended Dell process.
The computer hardware manufacturing company went on to add that eDellRoot was installed initially onto “consumer and commercial devices in August to make servicing PC issues faster and easier for customers.”
A report from The Register has noted that it may be installed on the following Dell models: the XPS 15, Latitude E7450, Inspirion 5548, Inspirion 5000, Inspiron 3647, and the Precision M4800.
To remove eDellRoot, users can go to the following website https://edell.tlsfun.de/ where the browser will open a webpage. If the webpage is green, the machine is safe, however if it’s red, the computer is affected.
To read a report from Duo Labs Security who have researched this eDellRoot issue, please click here. Within this report, they have also provided instructions how users can remove the plugin .
If you’re concerned about your computers security, speak with one of our trusted IT Consultants today.