Dell offers fix for computer security flaw

PC-maker Dell is taking action to fix a security vulnerability on a number of its laptops shipped since August 2015.

The flaw was found in the digital certificate, eDellRoot, installed by Dell Foundation Services, which is part of a support tool to make it faster and easier for customers to service their system, according to a press release from Dell. But security researchers discovered that the certificate could leave users exposed to online spying and malware attacks.

Dell posted instructions on how to permanently remove the certificate on its website and stressed that the certificate will not reinstall itself once it is properly removed.

"We will also push a software update starting on November 24 that will check for the certificate, and if detected remove it," Dell said in the statement. "Additionally, the certificate will be removed from all Dell systems moving forward."

The problem echoes the security nightmare Dell competitor Lenovo faced this past February when it shipped software that exposed Lenovo laptop users to hackers bent on stealing personal information.

Dell also gave a shout-out to the users who brought the problem to their attention: "We thank customers such as Hanno Böck, Joe Nord and Kevin Hicks, aka rotorcowboy, who brought this to our attention. If you ever find a potential security vulnerability in any Dell product or software, we encourage you to visit this site to contact us immediately."

f

We and our partners use cookies to understand how you use our site, improve your experience and serve you personalized content and advertising. Read about how we use cookies in our cookie policy and how you can control them by clicking Manage Settings. By continuing to use this site, you accept these cookies.