
Dell Laptops Infected By Superfish-Like Bug, Company-Issued eDellRoot Certificate Identified As Root Cause


Dell laptops manufactured and shipped after July 2015 reportedly contain a severe flaw that exposes the devices to malware attacks. The eDellRoot certificate has been identified as the source of the flaw.

Using this flaw in Dell’s newer laptops, hackers can easily bypass any firewall and infect a system. Once a system is infected, the hackers can do the usual stuff, like spying on the user’s online activity, and more advanced things as well, including monitoring and initiating bank transactions, private messages, etc.

Dell, for its part, has responded with a statement, clarifying:

The certificate is not malware or adware. Rather, it was intended to provide the system service tag to Dell online support allowing us to quickly identify the computer model, making it easier and faster to service our customers.

This certificate is not being used to collect personal customer information. It’s also important to note that the certificate will not reinstall itself once it is properly removed using the recommended Dell process.

The lengthy instructions put up by Dell recommend that users remove the certificate in order to resolve the issue, virtually indicating that the certificate is the core issue.

The problem has been particularly evident in the newer range of laptops launched by the company. Its Inspiron 5000 and XPS 15 ranges of laptops are also affected by the issue. The root certificate exists on Dell laptops to encrypt connections. However, it looks like the certificate, which was meant to safeguard the laptops from hackers, has inadvertently become a gate pass for malicious hacking.

Those using popular browsers such as Firefox and Chrome are relatively safer, but not completely safe. These browsers rely on their own certificates and issue a warning whenever there is suspicious activity on the system. But when it comes to lesser-known browsers, security is compromised, as these browsers use the certificate provided by Dell to make a connection secure. With the certificate key stored on the Dell laptop, any hacker can easily infect the certificate and unlock its encryption mechanism.

A similar issue, named Superfish, plagued Lenovo laptops at the beginning of this year, when a program that was integrated into the system for showing advertisements on webpages was used to gain access to the system.

Dell’s version of Superfish is thankfully being identified by the Windows Defender Security Update starting today. A Windows Defender scan will detect the certificate and delete it automatically. The latest update of Windows Defender categorizes the flaw in the certificate as Win32/CompromisedCert.D. Microsoft stated in a blog post that “This threat is a Dell root certificate for which the private keys were leaked. This means a hacker can use this certificate to modify your browsing experience and steal sensitive information.”
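For readers who want to check a machine by hand, the following PowerShell is an added example, not code from Dell, Microsoft or this article. It lists certificates in the Windows trusted-root stores that either carry the eDellRoot name or have their private key stored on the machine, which is the condition described above. It assumes the certificate's subject contains the string "eDellRoot"; the function name Find-SuspectRootCert is hypothetical.

```powershell
# Added example: read-only audit of the Windows trusted-root stores.
# Assumption: the certificate subject contains "eDellRoot" (name taken from the article).
# Find-SuspectRootCert is a hypothetical helper name, not a built-in cmdlet.

function Find-SuspectRootCert {
    [CmdletBinding()]
    param(
        # Literal text to look for in the certificate subject.
        [string]$NamePattern = 'eDellRoot'
    )

    $stores = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'

    foreach ($store in $stores) {
        if (-not (Test-Path -Path $store)) { continue }

        foreach ($cert in Get-ChildItem -Path $store) {
            $nameMatch = $cert.Subject -match [regex]::Escape($NamePattern)

            # A trusted root normally ships as a public certificate only.
            # If its private key sits on the same machine, anyone who extracts
            # the key can sign certificates that this machine will trust.
            if (-not ($nameMatch -or $cert.HasPrivateKey)) { continue }

            if ($nameMatch) {
                $reason = "subject matches '$NamePattern'"
            } else {
                $reason = 'trusted root with a local private key'
            }

            [pscustomobject]@{
                Store         = $store
                Subject       = $cert.Subject
                Thumbprint    = $cert.Thumbprint
                NotAfter      = $cert.NotAfter
                HasPrivateKey = $cert.HasPrivateKey
                Reason        = $reason
            }
        }
    }
}

$findings = @(Find-SuspectRootCert)
if ($findings.Count -eq 0) {
    Write-Output 'No matching or key-bearing certificates found in the trusted root stores.'
} else {
    $findings | Format-List
}
```

The script only reports; it does not remove anything, so any finding should be handled through the Dell removal process or the Windows Defender update mentioned in this article.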

Dell was forced to issue an apology and has assured its users that the certificate will no longer be part of its devices in the future.

