Dell consumer personal computers using the preinstalled certificate authority (CA) root certificate (eDellRoot) contain a critical vulnerability. This preinstalled root certificate resides on newer Dell laptops and desktops. Exploitation of the vulnerability could allow a remote attacker to read all encrypted web browser traffic (HTTPS), successfully impersonate (spoof) any website, or perform other attacks on the affected system.
US-CERT encourages users and administrators to review Vulnerability Note VU#870761 and Dell's blog post for more information and guidance on removing the certificate.
This product is provided subject to this Notification and this Privacy & Use policy.