After it emerged that Dell PCs manufactured since August have been infected with a Superfish vulnerability that could leave users open to a cyberattack, the Texan computer giant has responded with instructions on how to remove the offending malware.
The situation is eerily similar to the Superfish quagmire that hit Lenovo earlier this year when it installed adware that made PCs vulnerable to potential attack.
Dell is understood to have installed the transport layer security (TLS) credential eDellRoot itself as a root certificate on two computers – the Inspiron 5000 series notebook and the XPS 15.
Security researcher Joe Nord discovered the vulnerability and it became widely discussed on Reddit.
Experts have warned that the rootkit could be used by a malicious hacker to use Wi-Fi networks to impersonate any website and quietly intercept email, online purchases and online banking.
Dell had implemented the rootkit certificate as part of a support tool aimed at making customer support faster and easier.
“Customer security and privacy is a top concern and priority for Dell; we deeply regret that this has happened and are taking steps to address it,” the company said.
Dell has posted instructions on how to permanently remove the certificate from your system here.
“The certificate is not malware or adware. Rather, it was intended to provide the system service tag to Dell online support, allowing us to quickly identify the computer model, making it easier and faster to service our customers.
“This certificate is not being used to collect personal customer information. It’s also important to note that the certificate will not reinstall itself once it is properly removed using the recommended Dell process,” Dell said.
Laptop security image via Shutterstock