Microsoft Security Software Removes Vulnerable Dell Root Certificate

We recently reported about eDellRoot certificate installed on certain Dell laptops and PCs introduced a security vulnerability for the users. This threat is a Dell root certificate for which the private keys were leaked. This means a hacker can use this certificate to modify your browsing experience and steal sensitive information. While you can manually remove this certificate, Microsoft has updated their security software to remove this certificate.

Program:Win32/CompromisedCert.C is a Dell root certificate for which the private keys were leaked online.

If your Dell PC contains this certificate, it might be vulnerable to this threat. A PC with this certificate could be vulnerable to SSL/TLS spoofing attacks, and can allow an attacker to digitally sign binaries so that they are trusted by the affected PC. This can give an attacker control over your PC and browsing experience.

The certificates can be found in Dell PCs running the following Windows operating systems:

• Windows 10
• Windows 8.1
• Windows 8
• Windows 7

An attacker can exploit a certificate using phishing or man-in-the-middle attacks to decrypt, modify or spoof HTTPS websites, such as banking, social media, or email websites.

This could allow a malicious hacker to steal your user names, passwords, and confidential data. They could also carry out transactions without your knowledge, even when it seems like you have a secure browser connection to a website.

The following free Microsoft software to detects and removes the vulnerable certificates from the certificate root store, as well as the affected binaries that might re-install the vulnerable certificate:

• Windows Defender for Windows 10 and Windows 8.1, or Microsoft Security Essentials for Windows 7 and Windows Vista
• Microsoft Safety Scanner
• Microsoft Windows Malicious Software Removal Tool