Tech giant Dell is working to fix the “eDellRoot” certificate that comes pre-installed on PCs after it was discovered the certificate “unintentionally introduced a security vulnerability” to customers.
News of the security flaw initially spread on Reddit. The certificate potentially leaves information such as user communication, passwords, and usernames open to “man-in-the-middle” hackers. Security experts interviewed on the BBC about “eDellRoot stated it has two main flaws:
“It would allow traffic to be intercepted, potentially exposing sensitive information; secondly, the key could be used to make a user’s computer misidentify unsafe connections as safe.”
Dell has released instructions for how to remove the certificates, as well as promising it will be removed from all future Dell systems. An update was made available yesterday that will check for and remove the certificate if detected.
*Source: Fox News