Dell’s Superfish? Security flaw leaves laptops open to hackers

Dell has admitted that a pre-installed programme on some of its recently shipped laptops makes them vulnerable to cyber-attacks.

The company installed the eDellRoot certificate as part of a support tool in order to make it faster for its customers to service their system.

The certificate has however introduced an unintended security vulnerability, allowing hackers to read private messages and undertake phishing attacks.

Dell said: "Customer security and privacy is a top concern and priority for Dell; we deeply regret that this has happened and are taking steps to address it."

The certificate is not being used to collect personal customer data. The company said it will not reinstall itself once it is removed using the recommended process.

The company is providing customers with instructions to permanently remove the certificate by email and on its support website.

Dell’s security flaw is similar to the Superfish programme identified on some Lenovo systems.

Earlier this year, Dell enhanced its cloud-based email security service, SonicWALL Hosted Email Security, to provide advanced threat protection and mobile-ready secure email exchange.

Sign up for our regular news round-up!

Give your business an edge with our leading Tech Monitor

Sign up