Some recent Dell computers have included a root certificate called eDellRoot that was designed to help Dell support staff identify a computer when users requested support.

Unfortunately eDellRoot also posed a pretty serious security risk.

Now Dell has responded with instructions for manually removing eDellRoot from an affected computer. The company also says it will stop loading the certificate on computers moving forward, and that a software update rolling out this week will automatically remove the software from many computers.

credit: rotorcowboy
credit: rotorcowboy

If this sounds familiar, it’s because the situation is similar to one Lenovo found itself in earlier this year when it was discovered that the company was pre-installing software called “Superfish” on its computers.

But while Superfish was installed for advertising purposes, Dell wasn’t making any money from eDellRoot. The company says it was only installed to make it easier to provide support for Dell computers. And Dell did respond to the situation pretty quickly once the security implications were pointed out.

Still, it’s a reminder that there’s more than one way to interpret the recent marketing campaign from Dell, HP, Lenovo, Intel, and Microsoft that asks “PC does what?

via /r/Android and Joe Nord

Support Liliputing

Liliputing's primary sources of revenue are advertising and affiliate links (if you click the "Shop" button at the top of the page and buy something on Amazon, for example, we'll get a small commission).

But there are several ways you can support the site directly even if you're using an ad blocker* and hate online shopping.

Contribute to our Patreon campaign

or...

Contribute via PayPal

* If you are using an ad blocker like uBlock Origin and seeing a pop-up message at the bottom of the screen, we have a guide that may help you disable it.

Subscribe to Liliputing via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 9,547 other subscribers

One reply on “Dell support tool poses security risk, company issues a fix”