Dell has caught another trouble as researchers have found that the security issues widen as they dig deeper in the case while the company's security error is becoming viral.
Researchers coming from Duo Security have found out that there is a second security hole in the latest Dell Inspiron laptop. The new discovery is considered as another evidence which shows that the multinational computer company is facing some trouble.
It can be remembered that the issue first started when Dell had shipped out new devices which contained a self-signed root certificate. The certificate called as eDellRoot, is primarily used to encrypt data traffic.
However, it was found out that the root certificate was installed with the private encryption key included. The said installation is a critical error that horrified and dismayed security experts.
Jerome Segura elaborated the security issue that was discovered in Dell devices.
"The same private key was found on multiple machines, meaning that anybody that has access to it can now use it to impersonate the certificate holder [i.e. the PC owner]. It made matters worse that the password for that key was easily crackable," stated by the senior security researcher at Malwarebytes.
As a response, the American multinational company acknowledged the said failure and said that they are planning to supply the users some instructions in order to permanently delete the certificate.
Furthermore, previous reports stated that the infected devices were only secluded to Dell laptops. However, a deeper investigation shows that it also infested some of the company's products.
It was found out that the eDellRoot certificate was also installed in the Dell Foundation Services (DFS) application. This means that some of Dell's products were also infected which include desktops, all-in-ones, two-in-ones, and some towers from different Dell product lines. These towers include XPS, OptiPlex, Inspiron, Vostro and Precision Tower.
The security issue also offers danger and risk to websites and internet users.