Dell is in the news for all the wrong reasons this week, as on Tuesday it was reported that a second malicious self-signing Dell root certificate called DSDTestProvider was found on all Dell laptops. This second security flaw comes just a week after a self-signing eDellRoot certificate was found pre-installed on Dell computers shipped in August 2015 or later, which can compromise users’ private communications.
The whole fiasco began on Monday, when a Reddit user posted about a suspicious Dell certificate he had discovered in his brand new XPS 15 laptop. Dell responded by saying that it had started rolling out the certificate via Dell Foundation services version released in August, which led many to believe that Dell devices purchased since August would be the only ones affected. Though, even older devices seem to be affected by this eDellRoot certificate.
“For those customers who already had Dell Foundation Services and opted in to updates, the eDellRoot certificate was part of versions 2.2/2.3 issued starting in August,” a Dell representative confirmed Wednesday via email. When you install DFS, it asks if you want to receive automatic updates. Our customers who choose ‘yes’ receive the automatic updates.”
Meanwhile, the latest discovery of a self-signed root certificate called DSTTestProvider was installed by an app called Dell System Detect (DSD). Dell device owners were prompted to download and install this tool when they visited Dell’s official website and clicked on the “Detect Product” button.
Dell’s issue is oddly similar to Lenovo’s root certificate issue that happened earlier this year. Known as the “Superfish,” Lenovo was accused on pre-installing adware on users computers, though Dell assures its eDellRoot was intended for an entirely different purpose.
“The certificate is not malware or adware. Rather, it was intended to provide the system service tag to Dell online support allowing us to quickly identify the computer model, making it easier and faster to service our customers. This certificate is not being used to collect personal customer information. It’s also important to note that the certificate will not reinstall itself once it is properly removed using the recommended Dell process,” said Dell’s spokesperson Laura Thomas.
Nonetheless, both these questionable root certificates can be used by hackers to create duplicate certificates for any website that accepts these affected Dell devices.
To fix both Dell root certificate issues mentioned above, you can download and run eDellRoot and DSDTestProvider removal tool, and follow the screen instructions.