CHINA TOPIX

12/22/2024 09:48:31 pm

Make CT Your Homepage

Dell Admits Security Loophole Built into Computers; Company Releases Update to Fix Issue

Dell faces problem after security experts found loopholes into its machines.

(Photo : Getty Images) Dell has come under the public spotlight after experts revealed that there are loopholes in company's machines that can enable hackers steal user's private information.

As part of Dell's promotional stunt to market the XPS 15 laptop, the company promised that it will deliver unparalleled security and privacy features. Now, it appears that Dell is in some sort of conundrum after it was discovered that there is a blatant security loophole preinstalled on its machines that will allow hackers to access user's personal data.

Like Us on Facebook

In a statement released on Monday, Dell said, "We became aware that a certificate (eDellRoot), installed by our Dell Foundation Services application on our PCs, unintentionally introduced a security vulnerability. The certificate was implemented as part of a support tool and intended to make it faster and easier for our customers to service their system."

Dell has already issued an apology about the recent security gap on its system. Additionally, the company also released a guideline on how to remove the software that caused the issue and patch the security flaw.

Following the discovery, Dell said that the certificate was not a malware or an adware. The company added that the certificate was not installed or used in any way to collect personal customer information.

In order to patch the problem, Dell said that it will release a software update starting Nov. 24 that will check for the certificate. If it still exists on some machines, the update will remove the certificate in order to prevent future problems from arising.

Moreover, Dell said that it will remove the suspect certificate on all of its machines.

According to BBC, a close inspection of the Dell certificates by security experts reveal that it has two flaws. First, it allows traffic to be intercepted which could potentially expose sensitive user information to malicious attackers. Second, the certificate can be used in order to mask an unsafe connection and program it so that the affected computer will perceive it as legitimate and safe.

Real Time Analytics