8 Steps To Remove eDellRoot Certificate Vulnerability From Your Computer

Removing The Danger

Dell Monday was hit with heavy criticism for a security vulnerability on the manufacturer's PCs and enterprise servers caused by a certificate pre-installed on all machines. Similar to the Lenovo SuperFish vulnerability earlier this year, the certificate, called eDellRoot, is pre-installed root certificate and private key that could allow for man-in-the-middle attacks. Dell said the certificate was designed as a system tag for online support and was not used to collect personal information, but it will not be installed on Dell machines going forward.

"Customer security and privacy is a top concern and priority for Dell; we deeply regret that this has happened and are taking steps to address it," Dell said in a blog post.

Dell also provided a patch and detailed steps on how to remove the vulnerability from already purchased Dell computers. Take a look.

Patch Available

For a quick fix, Dell has created a patch for the vulnerability. Dell also said that it will be releasing a software update Nov. 24 that will scan for and remove the vulnerability if found.

To download the patch directly, click here, or read on for how to remove the vulnerability manually.

Step 1

To start removing the vulnerability, right-click on the task bar and choose "Task Manager." Then click the "Services" tab. At the bottom of the window, select "Open Services."

Step 2

Once the "Open Services" window has been selected, scroll down and select "Dell Foundation Services" from the list. Once selected, choose the "Stop the service" option, located on the left on the window.

Step 3

At this stage of the removal, Dell said the screen should look like this (pictured) if the previous steps have been completed successfully.

Step 4

To continue removing the vulnerability, next open "File Explorer." Choose the "c:\Program Files\Dell\Dell Foundation Services" option and delete the file named "Dell.Foundation.Agent.Plugins.eDell.dll". A warning is likely to pop up, but Dell said click through to confirm the deletion.

Step 5

For the next step, hit the Window's button, which is usually located at the lower left of the keyboard. Type "certmgr.msc" into the search bar, and when a window pops up, confirm that you want to make changes to the computer. This step will open up the certificate manager window. From here, you want to select the folder on the left menu labeled "Trusted Root Certification Authorities."

Step 6

Once inside the Trusted Root Certification Authorities folder, you want to choose the "Certificates" sub folder, Dell said. Within that folder, you want to choose the "eDellRoot" file from the list. Be very careful to only select this folder, Dell said, as you don't want to accidently delete something else that could cause system problems.

Step 7

Again, making sure to only have the "eDellRoot" file selected, click the "X" icon on the top toolbar and click to confirm the deletion. At this point, Dell said you should no longer see the file on the list of options in the "Certificates" folder.

Step 8

For the final step, Dell said to go back to the "Services" menu changed in the first three steps. Under the "Services" menu, again choose the "Dell Foundation Services" option from the list and click "Start the service" on the left side of the window. This reverts the change in Step 2, where you turned off the service. After closing all the windows opened, Dell said the vulnerability should now be fully removed from your computer.