Microsoft saves whatever's left of Dell's reputation

Nov 26, 2015 23:35 GMT

Microsoft, everybody's favorite target when it comes to ridicule, has saved whatever was left of Dell's reputation by making Windows Defender periodically search for and remove leftover DLLs that were respawning root certificates on Dell's laptops.

If you've been away from your computer this week, here's a quick summary of the entire Dell root certificates debacle.

eDellRoot, the first root certificate

Over the weekend, a Reddit user discovered that some Dell models were shipped with a root certificate accompanied by its private key. The certificate was called eDellRoot, and because the private key came with it, attackers could extract the key and then execute Man-in-the-Middle attacks, intercepting secure HTTPS communications between the affected models and HTTPS-enabled servers.

The company acknowledged the issue and said it would stop doing it, but it took a serious blow to its reputation. This was because the company did the very same thing that Lenovo had done in February, when Lenovo got skewered by the press and dragged through the courts.

DSDTestProvider, the second root certificate

While it all appeared to have passed, a second root certificate was discovered only days later. Like eDellRoot, this second certificate, known as DSDTestProvider, came with its private key and was also found in one of Dell's support tools.

Things took a turn for the worse when security researchers discovered that both of these certificates were periodically respawned by a DLL included on affected laptops.

Because of this behavior, some antivirus companies started marking both the certificates and their DLLs as malware. Microsoft was one of them, identifying them as Win32/CompromisedCert.D.

To help Dell users affected by this issue, the Redmond company has now announced updates to its security products that will automatically remove the root certificates and the DLL that respawns them from all infected systems.

Microsoft has updated the following tools to handle Dell's problems:

●      Windows Defender (Windows 10 and Windows 8.1)
●      Microsoft Security Essentials (Windows 7 and Windows Vista)
●      Microsoft Safety Scanner
●      Microsoft Windows Malicious Software Removal Tool
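
To check a machine by hand for the two certificates named above, the following PowerShell script (an added example, not code from Microsoft or Dell) lists trusted roots whose subject contains eDellRoot or DSDTestProvider. It goes slightly beyond the article by also flagging any trusted root that is stored together with a private key. Matching on the subject name is an assumption, since the article gives no thumbprints.

```powershell
# Added example. Certificate names are taken from the article; matching on
# the Subject CN is an assumption (the article lists no thumbprints).
$names  = 'eDellRoot', 'DSDTestProvider'
$stores = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'

$findings = foreach ($store in $stores) {
    foreach ($cert in (Get-ChildItem -Path $store -ErrorAction SilentlyContinue)) {
        $reasons = @()

        foreach ($name in $names) {
            if ($cert.Subject -like "*CN=$name*") { $reasons += "named $name" }
        }

        # A trusted root normally carries only a public key. A private key
        # stored next to it is the condition that made both certificates abusable.
        if ($cert.HasPrivateKey) { $reasons += 'private key present' }

        if ($reasons.Count -gt 0) {
            [pscustomobject]@{
                Store      = $store
                Subject    = $cert.Subject
                Thumbprint = $cert.Thumbprint
                NotAfter   = $cert.NotAfter
                Reason     = $reasons -join '; '
            }
        }
    }
}

if ($findings) {
    # Non-zero exit code lets a management tool treat the host as flagged.
    $findings | Format-List
    exit 1
} else {
    Write-Output 'No matching or key-bearing certificates found in the trusted root stores.'
}
```

Because a DLL periodically reinstalls both certificates, repeat the check later rather than relying on a single clean run.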