Superfish from Dell - the company's computers found a malicious certificate eDellRoot

I do not have time to calm down the excitement over the discovery on notebook Lenovo preinstalled at the factory malicious software in the same subject was noted, Dell and its laptops (and maybe desktops). This weekend on several models of laptop (Dell Inspiron 5000, Dell XPS 13 and Dell XPS 15) was found self-signed SSL-trusted root certificate eDellRoot with term expires in the year 20139.

eDellRoot - Superfish from Dell

Since the private key certificate eDellRoot stored on a laptop, it allows the attacker to create fake websites that will successfully report its full security and steal your personal information or financial information or to sign the virus, making them highly trusted software.

It is not clear the scale of the problem and it is not known how many Dell laptops affected by this vulnerability. The company itself is aware of the problem and is investigating. Methods for solving the problem will be in the near future.

Publish on