Dell consumer personal computers using the preinstalled certificate authority (CA) root certificate (eDellRoot) contain a critical vulnerability. This preinstalled root certificate resides on newer Dell laptops and desktops. Exploitation of the vulnerability could allow a remote attacker to read all encrypted web browser traffic (HTTPS), successfully impersonate (spoof) any website, or perform other attacks on the affected system.
US-CERT encourages users and administrators to review Vulnerability Note VU#870761 and Dell's blog post for more information and guidance on removing the certificate.
This product is provided subject to this Notification and this Privacy & Use policy.
from US-CERT: The United States Computer Emergency Readiness Team http://ift.tt/1kSnfLE
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.