Windows Defender removes Dell root certificates shipped with their private keys
Microsoft has added eDellRoot and DSDTestProvider to its antimalware definitions; as a result, Windows Defender now detects both certificates and blocks or removes them. Defender classifies the certificates as a 'possible threat'.
Microsoft has named the antimalware definitions for eDellRoot and DSDTestProvider Win32/CompromisedCert.C and Win32/CompromisedCert.D, and its security software assigns both a 'medium' alert level. The update was released overnight from Wednesday to Thursday, so owners of affected Dell PCs can now use Microsoft's antimalware software to block or remove the certificates, together with their private keys, from their systems.
The update thus arrived within a few days of the discovery of the DSDTestProvider certificate and a few days after the eDellRoot problem became public. Dell had previously published a guide for removing eDellRoot manually. Because the private keys ship alongside the root certificates, anyone can use them: malware could be signed with a certificate chained to one of these roots so that Windows treats it as legitimately signed software, and an attacker can issue certificates for arbitrary domains and intercept https connections from affected Dell systems in a man-in-the-middle attack without the browser raising any warning. It is not known whether other malware scanners will also add the root certificates to their definitions.
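For readers who want to check a machine themselves rather than wait for a Defender scan, the following PowerShell script is an added example (not from the article, and not Dell's or Microsoft's own removal tool). It searches the machine-wide and per-user Trusted Root stores for certificates whose subject is eDellRoot or DSDTestProvider, reports whether the private key is present in the store (the property that makes these roots abusable), and deletes them only when run with the assumed -Remove switch. The certificate names come from the article; the store paths and cmdlets are standard PowerShell.

```powershell
# Added example, not part of the original article or of Dell/Microsoft tooling.
# Finds the eDellRoot and DSDTestProvider root certificates in the local
# Trusted Root stores and, with -Remove, deletes them along with their keys.
# Run from an elevated PowerShell prompt so the LocalMachine store is writable.
param([switch]$Remove)

$stores = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'
$pattern = '^CN=(eDellRoot|DSDTestProvider)(,|$)'

foreach ($store in $stores) {
    $hits = Get-ChildItem -Path $store | Where-Object { $_.Subject -match $pattern }
    if (-not $hits) {
        Write-Host "$store`: no eDellRoot/DSDTestProvider certificate found"
        continue
    }
    foreach ($cert in $hits) {
        # HasPrivateKey is what distinguishes these roots from a merely odd
        # vendor CA: with the key on disk, anyone can sign code or issue
        # TLS certificates that this machine will trust.
        [pscustomobject]@{
            Store         = $store
            Subject       = $cert.Subject
            Thumbprint    = $cert.Thumbprint
            HasPrivateKey = $cert.HasPrivateKey
            NotAfter      = $cert.NotAfter
        } | Format-List

        if ($Remove) {
            # -DeleteKey also removes the associated private key container,
            # so the key cannot be reused after the certificate is gone.
            Remove-Item -Path $cert.PSPath -DeleteKey -Verbose
        } else {
            Write-Host "Re-run with -Remove to delete $($cert.Subject) from $store"
        }
    }
}
```

Run it once without -Remove to see what is present, then with -Remove to clean up. Because some vendor software re-installs such certificates, it is worth re-running the check after the next reboot to confirm they have not returned.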