Jump to content

Microsoft Makes Windows Defender Remove Nasty Dell Root Certificates DLL


SweX

Recommended Posts

Microsoft, everybody's favorite target when it comes to ridicule, has saved whatever was left of Dell's reputation by making Windows Defender periodically search and remove leftover DLLs that were respawning root certificates on Dell's laptops.

 

Over the weekend, a Reddit user discovered that some Dell models were shipped out with a root certificate, accompanied by a private key. This root certificate was called eDellRoot and allowed attackers to extract it and then execute Man-in-the-Middle attacks, intercepting secure HTTPS communications between the affected models and HTTPS-enabled servers.

 

If you've been away from your computer this week, here's a quick summary of the entire Dell root certificates debacle......

 

hxxp://news.softpedia.com/news/microsoft-makes-windows-defender-remove-nasty-dell-root-certificates-dlls-496783.shtml

 

Dell customers curious about their exposure can visit a test site setup by system admin Hanno Böck

hxxp://www.theregister.co.uk/2015/11/26/dell_cert_windows_defender/

 

Test site linked in The Register article above ->  https://edell.tlsfun.de/

Edited by SweX
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...