Microsoft rescues Dell from root certificate security flaws

Microsoft has updated several of its security tools to clean up two digital certificates installed on various Dell computers.

The updates are for Windows Defender for Windows 10 and 8.1; Microsoft Security Essentials for Windows 7 and Vista; Microsoft Safety Scanner; and Microsoft Windows Malicious Software Removal Tool.

Microsoft’s new security tools will remove the eDellRoot and DSDTestProvider certificates.

Dell installed the eDellRoot certificate as part of a support tool in order to make it faster for its customers to service their system.

The certificate has however introduced an unintended security vulnerability, allowing hackers to read private messages and undertake phishing attacks.

Security firm Symantec said that malware signed with the eDellRoot certificate authority has already started appearing on VirusTotal.

Dell had to pull its Dell System Detect application, after it was discovered to contain a self signed root certificate authority.

The company said that the problem affects users who downloaded Dell System Detect product between 20 October and 24 November 2015.

Sign up for our regular news round-up!

Give your business an edge with our leading Tech Monitor

Sign up