Industry experts have discovered that recently purchased Dell computers ship with a faulty digital certificate (eDellRoot) that could allow attackers to imitate legitimate websites on the computers. An imitated website could take many forms—from Google to online banking sites—with the intent of capturing login details and other private information.
Models potentially affected include:
- Inspiron 5000 notebooks
- Latitude notebooks
- XPS 15 notebooks
- Inspiron desktops
- Precision M4800 notebooks
To determine if a computer is affected, open the Chrome, Internet Explorer or Edge web browser on the device and visit edell.tlsfun.de/. The website will clearly indicate if the computer is affected with a vulnerable certificate.
To resolve the issue on devices that test positive for the vulnerable certificate, download and run Dell’s uninstaller application by typing dellupdater.dell.com/Downloads/APP009/eDellRootCertFix.exe into the address bar of a web browser. Manual instructions for removing the vulnerability are available at dellupdater.dell.com/Downloads/APP009/eDellRootCertRemovalInstructions.docx.
For assistance with this process, contact the ITS Service Desk at 216.368.HELP (4357) or help@case.edu.