While most enterprise machines should not have the software installed that adds the Dell certificate it’s better to be safe than sorry. Without revoking this attackers will be able to perform man in the middle ssl attacks as Dell ships the private key with the cert.
- Download a copy of the Cert and extract
https://mega.nz/#F!kwgAQB7K!K6g2PSLyNmpWhQxne5NLfw - In the Group Policy Management console create a new group policy and link to a Test OU
- Navigate to Policies \ Windows Settings \ Security Settings \ Public Key Policies \ Untrusted Certificates
- Import the eDellRoot.crt
5. On Test machine GPUpdate /Target:computer then Verify the certifcate is no longer effective https://edell.tlsfun.de/ (Refresh the page if visited previously)
Leave a Reply