Dell has just released an online guide on how to remove eDellRoot, the root certificate at the centre of its latest security headache, but there are now reports of new security issue linked to the Dell Foundation Services app.
The eDellRoot root certificate, which was pre-installed on Dell PCs, allowed potential attackers to mimic legitimate websites. Dell Australia provided a statement on the issue to Lifehacker Australia yesterday:
“The recent situation raised is related to an on-the-box support certificate intended to provide a better, faster and easier customer support experience. Unfortunately, the certificate introduced an unintended security vulnerability. To address this, we are providing our customers with instructions to permanently remove the certificate from their systems via direct email, on our support site and Technical Support. We are also removing the certificate from all Dell systems moving forward. Note, commercial customers who image their own systems will not be affected by this issue. Dell does not pre-install any adware or malware. The certificate will not reinstall itself once it is properly removed using the recommended Dell process.”
Overnight, the company released instructions online for the removal of eDellRoot from Dell computers and publically apologised to consumers for the debacle.
But Ars Technica has reported that a researcher has found another security issue on Dell computers. The issue concerns the Dell Foundation Service app, which is installed on Dell PCs to make it easier for customers to get technical support from the vendor. Problem is, websites can secretly acquire unique Dell support tags from any machine that’s running Dell Foundation Services.
The tag is typically used by the vendor’s staff to identify customers and can be entered into the Dell support website to obtain warranty information. This doesn’t sound like a big deal at first, but the information could be used by scammers posing as technical support staff from well-known companies like Microsoft to trick users into giving them access to their Dell computers. The information will certainly make scammers sound more convincing to Dell customers.
Ars Technica has advised users to uninstall the Dell Foundation Service app from their machines.