Dell owns up to eDellRoot hole and provides removal instructions
Yesterday, some concerned Dell PC owners brought a Superfish-y issue to light. It turns out that Dell had installed self-signed root certificates on some of its PCs, and it also included the private key used to generate the certificate. With those tools in hand, an attacker could have generated a valid certificate for any secure website on the Internet, allowing them to carry out a man-in-the-middle attack on affected PCs. Now, Dell has officially acknowledged this vulnerability, and it's provided instructions for removing the rogue certificates.
According to Dell, the "eDellRoot" and other self-signed root certificates on its PCs were installed as part of the Dell Foundation Services support application. The company says the certificates were meant ...