Revoke the eDellRoot Certificate using Group Policy

While most enterprise machines should not have the software installed that adds the Dell certificate it's better to be safe than sorry. Without revoking this attackers will be able to perform man in the middle ssl attacks as Dell ships the private key with the cert.

  1. Download a copy of the Cert and extract
    https://mega.nz/#F!kwgAQB7K!K6g2PSLyNmpWhQxne5NLfw
  2. In the Group Policy Management console create a new group policy and link to a Test OU
  3. Navigate to Policies \ Windows Settings \ Security Settings \ Public Key Policies \ Untrusted Certificates
  4. Import the eDellRoot.crt

revoke this cert now

5. On Test machine GPUpdate /Target:computer then Verify the certifcate is no longer effective https://edell.tlsfun.de/ (Refresh the page if visited previously)

 

 

There are no comments yet, add one below.

Leave a Comment

Your email address will not be published. Required fields are marked *

*