Dell users have found another malicious certificate, called DSDTestProvider, on their laptops that will make them easy prey for cyber attacks on public Wi-Fi networks. The initial certificate made users susceptible to man-in-the-middle attacks, and the second issue was found just when the first was remedied.
The Problem Certificate is Called DSDTestProvider
The DSDTestProvider certificate is a support certificate that includes a private key that makes man-in-the-middle attacks easier and gives them access to trusted certificates. This can lead to identity theft and passive decryption attacks.
This is the Second Malicious Certificate Found on Dell Computers
Carnegie Mellon University CERT has asserted this certificate is a malicious one, and people with it can easily get their identity stolen just by sitting on a cafe on its public Wi-Fi network. The DSDTestProvider allows attachers to create certificates, and can impersonate websites and other services, sign software and email messages and even decrypt network traffic and data. This makes people in malls, airports and coffee shops especially susceptible.
The Certificate Has Been Removed from Dell Support
The DSDTestProvider has been since removed from the Dell Support website, and there is a new tool available right now for current Dell users. Dell is building a software update to eliminate any trace of the malicious certificate and ensure that Dell users are safe.
Dell Has Another Security Hole on its Laptops
No comments:
Post a Comment