Dell Acknowledges Second Vulnerable Certificate In Systems
The second certificate, like eDellRoot, could allow a hacker to intercept encrypted communications
Dell has acknowledged a second security vulnerability in its computers, much like one discovered over the past weekend, and said it is working to fix the issue.
Like the eDellRoot certificate, the new problem involves a self-signed certificate with an accompanying private key, a combination that could allow intruders to intercept encrypted network communications to and from a system, Dell said.
Second certificate
Dell acknowledged that the ‘DSDTestProvider’ certificate is put in place by an application that interacts with the Dell Support website, called Dell Systems Detect, which comes pre-installed on some Dell systems.
Users can also download Dell Systems Detect in order to use the “detect product” feature on Dell’s support website. The company said users who accessed the feature between 20 October and 24 November is likely to have the offending certificate on their system.
Both eDellRoot and DSDTestProvider were designed to help access remote support services, Dell claimed.
“The application was removed from the Dell Support site immediately and a replacement application without the certificate is now available,” Dell stated. “We are proactively pushing a software update to address the issue and have provided instructions to remove this certificate.”
The instructions and removal tools can be found on Dell’s website and the company said it has found no other root certificates on the factory-installed image.
Dell Systems Detect has been hit by other security issues in the past, and was found earlier this year to be vulnerable to remote code execution attacks. Dell provided a software update on Tuesday aimed at removing eDellRoot.
The vulnerable certificates recall Lenovo’s pre-installation of a similarly vulnerable certificate on some systems earlier this year. In that case, the discovery raised ire in part because the certificate was part of the company’s “Superfish” programme, which injected advertisements into web pages.
Are you a security pro? Try our quiz!
