Security Alert – Dell Certificate Vulnerability

Dell logo

This week, Dell announced that recent shipments of its PCs had a certificate that was improperly configured. The result is a vulnerability that could pose a security risk as web traffic has the potential to be intercepted on a local network in certain settings.

The Firefox web browser does not appear to be affected by the Dell certificate vulnerability at this time. However, all other web browsers appear to use the affected Dell certificate. For more information about the Dell vulnerability click here.

Safety Net’s computer deployment process does not allow the Dell certificate to be installed. However, the certificate does have the potential to be activated during a Dell troubleshooting process.

Safety Net has conducted an audit of our managed IT services (Your Net) clients’ PCs.  At this time, we do not detect any affected PCs within their organizations. We will continue to monitor their devices.

For our clients who do not subscribe to our managed IT services, Dell has released a patch to remove the affected certificate. Our security team has reviewed and tested it. We recommend installation. To install the patch, follow the instructions here.

We’d like to remind you about best practices to ensure more secure web browsing. We do not recommend the use of public networks (e.g. coffee house WiFi) to access web sites that contain personal or business information (credit cards, bank accounts, etc.). Only browse and log into these types of sites when on trusted networks like your work or home.

If you have any questions about the Dell certificate vulnerability, please feel free to contact a member of our Support Team.