Windows machines stop trusting Dell’s two unconstrained root CA certs
Microsoft has updated the Certificate Trust list for all supported releases of Microsoft Windows so that the two digital certificates (complete with inadvertently disclosed private keys) used by Dell on its computers will no longer be trusted. Thant means that even if the certificates are installed, they cannot be used.
“One of these unconstrained certificates could be used to issue other certificates, impersonate other domains, or sign code. In addition, these certificates could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against Dell customers,” they explained in an advisory published on Monday.
The move comes after Dell issued an update that removes the eDellRoot certificate from their machines, and after it issued a replacement version of the Dell System Detect application that used a self-signed certificate (DSDTestProvider) that also contained a private key. The new version has been stripped of the certificate.
Dell has also updated the initial instructions to remove the first found cert, and they now contain instructions on how to remove both.
“CTL updates are automatically pushed to both consumer and commercial Windows PCs. Most systems with Internet access should pick up the update within the next 24 hours,” the company explained.
Microsoft has stated in the advisory that there is currently no evidence that attacks related to this issue have been mounted in the wild.