Dell confirms loophole on PC can compromise user data

24 Nov 2015

Leading PC manufacturer Dell has been accused of shipping its desktops and laptops with a self-signed digital certificate dubbed eDellRoot that was capable of being exploited by hackers leaving the system vulnerable to man-in-the-middle attacks, allowing them to snoop on internet traffic. Several users had confirmed on forums and social media networks that their Dell computers came with the eDellRoot certificate preinstalled. The US-based company admitted that there was a security vulnerability in the said certificate.

"The recent situation raised is related to an on-the-box support certificate intended to provide a better, faster and easier customer support experience," Dell said in a statement to Reuters. "Unfortunately, the certificate introduced an unintended security vulnerability."