Dell admits security flaw was built in to computers

[JMH]

A security hole that could allow attackers to access users' personal data was inadvertently placed on Dell computers, the company has admitted.
The hole represented a "profound security flaw" that could allow access to bank details and other personal data, experts said.
Dell has issued guidance on removing the software that produced it.
The news comes after Lenovo was also criticised for pre-installing adware that potentially compromised security.
One user, posting on Reddit, reported finding that their Dell machine came pre-installed with a self-signed root certificate authority, called "eDellRoot", and the private key associated with it.

'Security vulnerability'

In a statement released on Monday, Dell acknowledged the vulnerability and linked to a guide on permanently removing the software that caused it.

Dell admits security flaw was built in to computers - BBC News

 

[Digerati]

More on this - The US Department of Homeland Security's United States Computer Emergency Readiness Team (US-CERT) has issued a security alert warning Dell users of this vulnerability.

Dell Computers Contain CA Root Certificate Vulnerability. Follow the link to Dell's blog for instructions to remove the vulnerable certificate from your system.

 

[Cayden]

So only those whom purchased a Dell (or Alienware) computer are affected?

 

[Digerati]

So only those whom purchased a Dell (or Alienware) computer are affected?

This time, yes. And only recents models too. While Dell uses a lot of "OEM" ASUS motherboards, if concerned about your "self-built" ASUS system, this vulnerability does not affect you.

And for the record, this vulnerability (and past security issues with Lenovo and other factory built systems) is just another reason for users to build their own PCs. That way, we don't get motherboards and Windows installations that have been modified with proprietary code, or systems with pre-installed software we don't need or want that may expose us to vulnerabilities and other, sometimes egregious security risks.

Of course, there isn't a viable self-build industry for notebooks and the increasingly popular all-in-ones, so extra care must be taken by those users to disable unneeded features, uninstall added junk the makers foisted on the systems, and most importantly, keep those computers and operating systems updated.