Last week we reported that Dell computers were being shipped with a security flaw similar to Lenovo’s “Superfish”. It involved a root certificate called eDellRoot. While Dell itself has released instructions on how to remove the certificate from its computers, Microsoft has come to the rescue by providing tools that will get rid of eDellRoot automatically.
With eDellRoot, hackers can bypass HTTPS protection protocols by forging certificates that mimic it. They can then imitate any legitimate website without the user ever knowing. According to Microsoft, the certificate can be found running on Windows 7, 8, 8.1 and 10.
Microsoft’s Karthik Selvaraj details how you can find out if your PC is vulnerable:
The following can indicate that you have this threat on your PC:
You have the following Certificate Thumbprint hash:
CN=DSDTestProvider, HASH:02c2d931062d7b1dc2a5c7f5f0685064081fb221
Under one of the following registry keys:
HKLMSoftwareMicrosoftSystemCertificatesROOTCertificates
HKCUSoftwareMicrosoftSystemCertificatesRootCertificates
Microsoft has updated its security software to remove eDellRoot off Windows computers. You can use the following free software to purge the certificate:
- Windows Defender for Windows 10 and Windows 8.1 or Microsoft Security Essentials for Windows 7 and Windows Vista
- Microsoft Safety Scanner
- Microsoft Windows Malicious Software Removal Tool
Comments