Wednesday, 25 November 2015

Dell Software Installs Dangerous Root Certificate

Users of Dell computers have been warned again for a dangerous certificate that is installed by a program of the computer manufacturer on laptops, desktops and tablets and that cyber criminals can use it to launch attacks on the system.

Therefore it warns CERT Coordination Center (CERT / CC) at Carnegie Mellon University. Initially, it was warned for Dell Foundation Services a root certificate called eDellRoot installs with private key. Now it appears Dell System Detects install such a root certificate with corresponding private key. This certificate is DSDTestProvider.

Dell System Detect (DSD) is a program that users should start and communicates with the Dell Support Page. On some systems, DSD is installed by default. The program installs a root certificate private key. An attacker can use it is to generate certificates that are signed by the certificate authority DSDTestProvider.

Systems that rely DSDTestProvider the certificate authority will also certificates from the trust authority. An attacker can thus mimic websites and other services, software and e-mail sign and decrypt network traffic and other data. It is, among other things, man-in-the-middle attacks on HTTPS traffic and installing malware. The CERT / CC recommends to withdraw the root certificate, which can be done via the Windows Certificate Manager.

No comments:

Post a Comment