The Broadband Guide
SG
search advanced

Second Dell backdoor root certificate found

2015-11-25 15:59 by

 

Several days after a security hole in recently shipped Dell computers was revealed, a second root certificate has been found in new laptops of the manufacturer.

The certificate, called DSDTestProvider, is installed by an application called Dell System Detect (DSD), which users are prompted to download and install when they visit the Dell support website. Users who downloaded the Dell System Detect product between 20 October and 24 November 2015 may be affected.

According to Carnegie Mellon University CERT, the vulnerability allows hackers to create trusted certificates and impersonate sites and launch man-in-the-middle attacks.

"An attacker can generate certificates signed by the DSDTestProvider CA (Certificate Authority)," CERT bod Brian Gardiner says. "Systems that trusts the DSDTestProvider CA will trust any certificate issued by the CA."An attacker can impersonate web sites and other services, sign software and email messages, and decrypt network traffic and other data. Common attack scenarios include impersonating a web site, performing a MiTM attack to decrypt HTTPS traffic, and installing malicious software."

The first certificate found to be vulnerable this week is called eDellRoot. It was installed by Dell Foundation Services to act as a support tool. However, it also allowed an attacker to extract the private key that signed the certificate. And after having such a key, a hacker could serve up fake versions of HTTPS sites, such as banking websites.

Dell has released a removal tool and instructions for the eDellRoot certificate, and it is expected to do the same for DSDTestProvider.

Read more -here-

 

  Post your review/comments
    rate:
   avg:
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About