Late Monday night Dell warned of a security hole that it discovered, which affects recently shipped computers, that can leave users vulnerable to hackers. This vulnerability affects computers that are made by Dell that come with a preinstalled customer service program. A particular certificate identifies the computer to Dell support staff and makes the computers vulnerable to intrusions. In addition to that, this could also allow hackers to access encrypted messages to and from the laptop, according to Dell.
Moreover, there is also an added risk that attackers could possibly reroute internet traffic to sites that look genuine but are, in fact, dangerous imitations. Dell also noted that customers should do everything they can to remove this problem from their laptops and offers instructions on how to manually do that. Starting today, Dell is also planning on pushing a software update to computers in order to check them for the certificate and remove it. According to a statement from Dell, “Customer security and privacy is a top concern and priority.”
Brian Krebs, a security researcher, stated that the problem affects all new Dell desktops and laptops that have been shipped since August. Consumers are becoming increasingly aware of the risks that are involved with not taking the proper security precautions though they don’t really expect to have them pop up on brand new pieces of technology. Granted some programs that are installed by computer manufacturers can be irritating but the fact that one might actually be dangerous has the potential completely destroy trust between a brand and its customers.
Unfortunately for consumers, this isn’t the first time that brand new, out-of-the-box computers have come with security flaws. Some laptops developed by Lenovo were discovered to have a similar security flaw in a pre-installed program known as Superfish. The Superfish software altered search results to show different ads along with tampering with the computer’s security. A specially released tool from Lenovo eventually fixed the problem.
Although Dell has yet to respond to requests for more information on the subject, the company did note that the certificate that is the root to all of this is not adware or malware. This program is, in fact, being removed from all new Dell computers, according to the company, and once it is successfully removed it will not reinstall itself.
Content originally published here
Sharing this story on social media? Use these hashtags! #Dell #Laptops #DellSecurityFlaw
