How To Fix eDellRoot Exploit On Your Laptop

Every few months a big vulnerability or exploit comes along to make the masses more conscious of their privacy and security. The last significant addition to this genre was the Stagefright exploit for Android. Lately, though, a similar story has been widely reported for Dell users. The eDellRoot vulnerability comes in the form of a rogue certificate that is pre-installed on some Dell devices. If you are affected by this exploit, a hacker can potentially impersonate Dell and thus roll out a variety of malicious “updates” or certificates for unsafe content. Dell was quick to acknowledge the problem, and soon afterwards a method was devised to uninstall the certificates without affecting the general functionality of the system.

The eDellRoot certificate is a self-signed one, and while a patch has been released by Dell, you might want to get rid of the whole thing. The method to do so is quite straightforward, and here is how you can cleanse your computer.

Removing eDellRoot Certificate

  1. Since the problematic certificate keeps its very own process running in the background, you will have to access the Task Manager to kill it. To summon the manager, hit CTRL + ALT + DEL, or right-click the task bar.
  2. Go to the ‘Services’ tab in Task Manager.
  3. At the bottom of the Task Manager ‘Services’ list, you will find the ‘More Details’ button. Click it to expand the list.
  4. There is a button named ‘Open Services’ in the bottom bar, which narrows down the open list.
  5. Look for the entry named ‘Dell Foundation Service’ and right-click it.
  6. From the resulting context menu, choose to stop the service.
  7. Exit Task Manager.
  8. Now comes the part of actually uninstalling eDellRoot. Within your computer’s file system, go to the following path:
    c:\Program Files\Dell\Dell Foundation Services
  9. At the path specified above, delete the file named ‘Dell.Foundation.Agent.Plugins.eDell.dll’
  10. Open ‘Run’.
  11. Enter certmgr.msc to go to the certificate manager.
  12. From the left-hand pane, click ‘Trusted Root Certification Authorities’.
  13. Delete the ‘DSDTestProvider’ file, located inside the ‘Certificates’ folder. You might be asked to re-confirm your actions at this point; just hit ‘Yes’ on the pop-up.
  14. Now you can finally delete the eDellRoot certificate from the main window.
  15. Restart your computer.

The eDellRoot certificate is gone from your system now, and you are safe from being an easy target for hackers.
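
The removal steps above can also be scripted and then verified. The following PowerShell is an added example, not part of the original article or Dell's own tooling; it uses the service name, file path and certificate names from the steps, and assumes an elevated prompt and that both the machine-wide and per-user root stores should be checked.

```powershell
# Added example: steps 1-14 above as a script. Run elevated; try -WhatIf first.
[CmdletBinding(SupportsShouldProcess)]
param()

# Names and path are the ones given in the steps above.
$serviceName = 'Dell Foundation Service*'
$pluginPath  = 'C:\Program Files\Dell\Dell Foundation Services\Dell.Foundation.Agent.Plugins.eDell.dll'
$certNames   = 'eDellRoot', 'DSDTestProvider'
# Assumption: check the machine-wide and the per-user root store.
$stores      = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'

function Find-TargetCert {
    foreach ($store in $stores) {
        Get-ChildItem -Path $store | Where-Object {
            $subject = $_.Subject
            $certNames | Where-Object { $subject -match "CN=$([regex]::Escape($_))(,|$)" }
        }
    }
}

# Steps 1-7: stop the background service.
Get-Service -DisplayName $serviceName -ErrorAction SilentlyContinue |
    Where-Object { $_.Status -eq 'Running' } |
    Stop-Service -Force

# Steps 8-9: delete the plugin DLL.
if (Test-Path -LiteralPath $pluginPath) {
    Remove-Item -LiteralPath $pluginPath -Force
}

# Steps 10-14: remove both certificates, recording what was deleted.
foreach ($cert in Find-TargetCert) {
    Write-Output ("Removing {0} [{1}] from {2}" -f $cert.Subject, $cert.Thumbprint, $cert.PSParentPath)
    Remove-Item -LiteralPath $cert.PSPath
}

# Verify: report anything still present.
$left = @(Find-TargetCert)
if ($left.Count -gt 0) {
    Write-Warning "$($left.Count) matching certificate(s) still present:"
    $left | Format-List Subject, Thumbprint, PSParentPath
} else {
    Write-Output 'No eDellRoot or DSDTestProvider certificate found in the root stores. Restart to finish (step 15).'
}
```

Save it as a `.ps1` file and run it with `-WhatIf` first to see what would be stopped and deleted; running it again after the restart confirms that the certificates have not returned.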