Moderators hazelnut Posted November 24, 2015 Moderators Share Posted November 24, 2015 Basically Dell self-signed the certificate and the key for it is now public on the internet. Removing it as suggested, it appears it comes back after reboot. This could turn out to be quite serious as using the key means someone could set up a spoofed website and no warning would be given. This applies to all browsers apart from Firefox. http://news.thewindowsclub.com/rogue-certificate-edellroot-dell-laptops-80921/ Support contact https://support.ccleaner.com/s/contact-form?language=en_US&form=general or support@ccleaner.com Link to comment Share on other sites More sharing options...
Moderators hazelnut Posted November 24, 2015 Author Moderators Share Posted November 24, 2015 Statement from Dell http://en.community.dell.com/dell-blogs/direct2dell/b/direct2dell/archive/2015/11/23/response-to-concerns-regarding-edellroot-certificate Support contact https://support.ccleaner.com/s/contact-form?language=en_US&form=general or support@ccleaner.com Link to comment Share on other sites More sharing options...
Moderators hazelnut Posted November 24, 2015 Author Moderators Share Posted November 24, 2015 Test here to see if your Dell is vunerable. https://edell.tlsfun.de/ More info about this here... it is a serious issue https://isc.sans.edu/diary/Superfish+2.0%3A+Dell+Windows+Systems+Pre-Installed+TLS+Root+CA/20411 Support contact https://support.ccleaner.com/s/contact-form?language=en_US&form=general or support@ccleaner.com Link to comment Share on other sites More sharing options...
login123 Posted November 25, 2015 Share Posted November 25, 2015 Thanks, hazelnut. I will notify the folks I know who own newer Dells. The CCleaner SLIM version is always released a bit after any new version; when it is it will be HERE :-) Pssssst: ... It isn't really a cloud. Its a bunch of big, giant servers. Link to comment Share on other sites More sharing options...
Moderators mta Posted November 25, 2015 Moderators Share Posted November 25, 2015 @login123, it may not just be 'newer' Dells. if it's all tied in with Dell Foundation Services, I've seen that on Dells for quiet a while, like a year or two it seems - maybe more. it's one of the bloatware programs I remove from Programs & Features whenever I come across a Dell PC. Backup now & backup often.It's your digital life - protect it with a backup.Three things are certain; Birth, Death and loss of data. You control the last. Link to comment Share on other sites More sharing options...
Moderators hazelnut Posted November 25, 2015 Author Moderators Share Posted November 25, 2015 if it's all tied in with Dell Foundation Services, I've seen that on Dells for quiet a while, like a year or two it seems - maybe more. it's one of the bloatware programs I remove from Programs & Features whenever I come across a Dell PC. ''In this case, it is not sufficient to just remove the CA. Dell Foundation Services will reinstall it. This is why you need to disable Dell Foundation Services first, or delete the Dell.Foundation.Agent.Plugins.eDell.dll.'' Support contact https://support.ccleaner.com/s/contact-form?language=en_US&form=general or support@ccleaner.com Link to comment Share on other sites More sharing options...
login123 Posted November 25, 2015 Share Posted November 25, 2015 Thanks mta. Hazelnut, I had read that, thanks. In your first link it says also: "We will also push a software update starting on November 24 that will check for the certificate, and if detected remove it." So I'll just tell'em to do a thorough checkup. Seems like Dell should do more in the way of remediation than just remove the certificate. If the computer is gummed up by their mistake, they should fix it completely. The CCleaner SLIM version is always released a bit after any new version; when it is it will be HERE :-) Pssssst: ... It isn't really a cloud. Its a bunch of big, giant servers. Link to comment Share on other sites More sharing options...
Moderators Andavari Posted November 26, 2015 Moderators Share Posted November 26, 2015 Test here to see if your Dell is vunerable. https://edell.tlsfun.de/ Sent that link to my mom so she can test her new Dell laptop, and told her if it is vulnerable to download the Dell updates. Link to comment Share on other sites More sharing options...
Moderators Andavari Posted November 30, 2015 Moderators Share Posted November 30, 2015 My mothers Dell laptop didn't even have it. Maybe because it was new and Dell was aware of it? Link to comment Share on other sites More sharing options...
Moderators rridgely Posted December 1, 2015 Moderators Share Posted December 1, 2015 My laptop wasn't vulnerable. I'm pretty sure my laptop had that program on it when I got it but I uninstalled all of the dell programs when I got it. Only thing I have on here by dell is "Dell System Detect" which is used to update drivers online. My laptop is from earlier this year. Dell Inspiron 13 7352, came with windows 8 but now runs windows 10. I've been very happy with this laptop. Its fast, well made, and gets pretty good battery life. I have the I7 version. This was a bonehead move by dell but its nowhere near as bad as Lenovo. I was actually looking at a pretty nice thinkpad when that scandal happened and went with this dell instead. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now