Microsoft, everybody's favorite target when it comes to ridicule, has saved whatever was left of Dell's reputation by making Windows Defender periodically search and remove leftover DLLs that were respawning root certificates on Dell's laptops.
If you've been away from your computer this week, here's a quick summary of the entire Dell root certificates debacle.
eDellRoot, the first root certificate
Over the weekend, a Reddit user discovered that some Dell models were shipped out with a root certificate, accompanied by a private key. This root certificate was called
eDellRoot and allowed attackers to extract it and then execute Man-in-the-Middle attacks, intercepting secure HTTPS communications between the affected models and HTTPS-enabled servers.
The company acknowledged the issue and said it would stop doing it, taking a serious blow to its reputation. This was because the company did the very same thing that Lenovo had done in February, when it got skewered by the press and dragged through courts.
