News and Happenings

Microsoft Makes Windows Defender Remove Nasty Dell Root Certificates DLL

Submitted by AFK, , Thread ID: 13463

Thread Closed
29-11-2015, 09:12 PM
#1
Microsoft, everybody's favorite target when it comes to ridicule, has saved whatever was left of Dell's reputation by making Windows Defender periodically search and remove leftover DLLs that were respawning root certificates on Dell's laptops.

eDellRoot, the first root certificate

Over the weekend, a Reddit user discovered that some Dell models were shipped out with a root certificate, accompanied by a private key. This root certificate was called eDellRoot and allowed attackers to extract it and then execute Man-in-the-Middle attacks, intercepting secure HTTPS communications between the affected models and HTTPS-enabled servers.

The company acknowledged the issue and said it would stop doing it, taking a serious blow to its reputation. This was because the company did the very same thing that Lenovo had done in February, when it got skewered by the press and dragged through courts.

Source: http://news.softpedia.com/news/microsoft...6783.shtml

Users browsing this thread: 2 Guest(s)