Microsoft has updated its security tools to remove vulnerable certificates installed on some Dell computers from the certificate root store, as well as the affected binaries that might reinstall the vulnerable certificate.
The eDellRoot and DSDTestProvider self-signed certificates both contained their private encryption keys that could be extracted by attackers and used to steal personal data, install data-stealing malware, or hijack the PC. Dell has released software updates to remove both and has published guidelines on how to do it manually, but Microsoft is making sure all its customers are protected.
The updated tools detect and remove the vulnerable certificates from the certificate root store, as well as the affected binaries that might reinstall the vulnerable certificate, Microsoft said in a blog post. These tool include Windows Defender for Windows 10 and Windows 8.1, Microsoft Security Essentials for Windows 7 and Windows Vista, Microsoft Safety Scanner and Microsoft Windows Malicious Software Removal Tool.
The Windows Defender tool will kill the certificates and the associated Dell.Foundation.Agent.Plugins.eDell.dll plugin that will respawn the certificate.
The Dell certificates were part of the service tools and were aimed at making technical support easier by informing Dell about which product a customer is using.
But the inclusion of the private keys made them vulnerable to abuse by attackers and a significant security risk. The eDellRoot certificate authority and private key could also allow attackers to sign code, which means they can sign malware as if it was from another company, but it will look legitimate to computers with the eDellRoot certificate authority installed.
Indian IT leaders are still wary of cloud adoption due to security concerns
IBM reports that security breaches have surged during the pandemic
Domino’s India data gets compromised; cyber security experts say it’s massive
Israeli Startup Orca Security Raised $210M, Becomes a Unicorn
Microsoft is Launching New Azure Cloud Region in China Next Year
© 2021 CIO Bulletin. All rights reserved.