Dell says it deeply regrets security issue found in its laptops, offers way to remove root certificate

XPS 15
XPS 15

PC maker Dell now says it deeply regrets putting in what it says was an unintentional security issue in some of its laptops, including the Dell XPS 15. The problem was discovered earlier this week when users found a root certificate, eDellRoot, that could be used by hackers to enter any PC with that program if they found its private key.

In a statement posted late on Monday, Dell said:

"Today we became aware that a certificate (eDellRoot), installed by our Dell Foundation Services application on our PCs, unintentionally introduced a security vulnerability. The certificate was implemented as part of a support tool and intended to make it faster and easier for our customers to service their system. Customer security and privacy is a top concern and priority for Dell; we deeply regret that this has happened and are taking steps to address it.""The certificate is not malware or adware. Rather, it was intended to provide the system service tag to Dell online support allowing us to quickly identify the computer model, making it easier and faster to service our customers. This certificate is not being used to collect personal customer information. It's also important to note that the certificate will not reinstall itself once it is properly removed using the recommended Dell process."

Dell has posted a manual procedure on how to remove the root certificate from its PCs at its website. It will also push out a software update today that will automatically detect and remove the program. It pledges to remove the certificate from all future Dell systems.

Source: Dell

John Callaham