Huge Security Hole Found in New Dell PCs

A recently uncovered security vulnerability in new Dell PCs leaves users’ communications potentially open to interception or corruption.–PC Pitstop.

Huge Security Hole Found in New Dell PCs

by Jim Hillier for Daves Computer Tips

Following close on the heels of the Lenovo “Superfish” debacle comes news of yet another major manufacturer embroiled in similar security controversy, this time it’s the US-based Dell.

As part of an enhanced support tool, Dell installed a self-signed root certificate (eDellRoot) and corresponding private key on its computers, apparently blissfully unaware that this exposes users’ encrypted communications to potential spying. Even more surprising is that the company did this with full knowledge of Lenovo’s very similar security blunder which came to light earlier this year.

In Lenovo’s case the goal was ad injection whereas Dell asserts that it was only trying to streamline remote support. Regardless of intention, this silly blunder creates a gaping security hole for those affected.

At this stage it remains unclear as to exactly what models may be affected. However, Dell PC owners can check for the vulnerability here: https://edell.tlsfun.de/

Article Continued Here

Dell’s Response

Want to get monthly tips & tricks?

Subscribe to our newsletter to get cybersecurity tips & tricks and stay up to date with the constantly evolving world of cybersecurity.

Related Articles