Dell unveils removal tool for root certificate "eDellRoot" pointed out vulnerability

The same root certificate & secret key is installed in Dell notebook PCFor Dell, it was not intentional, but Dell began distributing tools for deleting that security holes were created by this certificate.

Response to Concerns Regarding eDellroot Certificate
http://en.community.dell.com/dell-blogs/direct2dell/b/direct2dell/archive/2015/11/23/response-to-concerns-regarding-edellroot-certificate


According to Dell, "eDellRoot" is not adware or malware, but is installed as part of the support tool for the purpose of raising the quality of support. It seems that it is not the purpose of collecting consumer's personal information etc. simply by sending to Dell online support what kind of user the user is using.

But this time, journalistHanno BockIn response to pointing out that Mr. Joe Node and Kevin Hicks have led to vulnerabilities, Dell has released a tool to delete. As Registar tried, deleting it from the certificate manager tool will revive it, but using this tool will not revive.

The prepared download manual is kore.

EDellRoot Certificate Removal Instructions Version: 1.0 November 23, 2015
(PDF file)https://dellupdater.dell.com/Downloads/APP009/eDellRootCertificateRemovalInstructions.pdf


It seems that there is also Word version.

https://dellupdater.dell.com/Downloads/APP009/eDellRootCertRemovalInstructions.docx

There are two types of procedures, using Dell's uninstaller and manual. When using the uninstaller, download the file as it is instructed to download from the following URL.

https://dellupdater.dell.com/Downloads/APP009/eDellRootCertFix.exe

The rest is done just by doing this.


However, if the problematic certificate is not installed on the PC, the error message will be displayed like this.


If you do it manually, first stop the service. Open the control panel and click "System and Security" if you are in category view.


Then click "Management Tools". The person who is making large icon · small icon notation is displayed "management tool" from the beginning.


Then click "Service".


Then, it becomes the display screen of such a service list. Services are those that perform specific functions in the background without user interaction. For example, Google Chrome caught up with an update notification, and it will be updated automatically, but this is due to "Google Update service".


This time, the editorial department could not find the service because there was no applicable PC, but if this list contains "Dell Foundation ServicesIf there is, select it and click "Stop service" which appears on the left side. We will restart the service later, so leave this screen open and OK.


After stopping the service, the next is "C: \ Program Files \ Dell \ Dell Foundation ServicesMove to the folder and click "Dell.Foundation.Agent.Plugins.eDell.dllDelete file. At this time, a dialog may be displayed as to whether you really want to delete, but click "Continue".

Next, we will delete the certificate. In the "Search program and file" dialog that appears when you open the start menu,Certmgr.msc"And enter key pressed ......


The certmgr (Certificate Manager tool) starts up. Click "Trusted Root Certification Authority" in the left pane and select "Certificate" to display a list of certificates in the right pane.


If "eDellRoot" is found, select it, right click and click "delete". Please do not delete other certificates by mistake.


Finally, if you restart the "Dell Foundation Services" service stopped in the middle step, it is completed. Please note that the above uninstaller will do this manual operation automatically, so if you do not have a reason to do it manually it is faster and easier to use the uninstaller.

· Continued
Dell officially acknowledges security threats to certificates other than eDellRoot - GIGAZINE