SweX 871 Posted November 27, 2015 Share Posted November 27, 2015 (edited) Microsoft, everybody's favorite target when it comes to ridicule, has saved whatever was left of Dell's reputation by making Windows Defender periodically search and remove leftover DLLs that were respawning root certificates on Dell's laptops. Over the weekend, a Reddit user discovered that some Dell models were shipped out with a root certificate, accompanied by a private key. This root certificate was called eDellRoot and allowed attackers to extract it and then execute Man-in-the-Middle attacks, intercepting secure HTTPS communications between the affected models and HTTPS-enabled servers. If you've been away from your computer this week, here's a quick summary of the entire Dell root certificates debacle...... hxxp://news.softpedia.com/news/microsoft-makes-windows-defender-remove-nasty-dell-root-certificates-dlls-496783.shtml Dell customers curious about their exposure can visit a test site setup by system admin Hanno Böck hxxp://www.theregister.co.uk/2015/11/26/dell_cert_windows_defender/ Test site linked in The Register article above -> https://edell.tlsfun.de/ Edited November 27, 2015 by SweX Link to comment Share on other sites More sharing options...
Megachip 5 Posted December 3, 2015 Share Posted December 3, 2015 How did ESET secure against it? How they prevent someone using "ESET SSL Filter CA" for illegitimate signing? Link to comment Share on other sites More sharing options...
Recommended Posts