DSDTestProvider, new certificate on Dell computers. During the duration of the weekend, a user of Reddit noticed that the company laptop he was using contained a root certificate, along with a private key. The company immediately responded by publishing ways to remove them.
But the series continues. There seems to be a second such certificate.
Dell has tried to explain the presence of the original certificate, called eDellRoot, as an added mechanism to improve customer support…
Regardless of how the company explains eDellRoot, it should soon justify the existence of a second certificate, called DSDTestProvider.
Το δεύτερο πιστοποιητικό χρησιμοποιείται από τη Dell System Detect (DSD), μια εφαρμογή με χαρακτηριστικά “εντοπισμού προιόντων' που χρησιμοποιείται από την ιστοσελίδα of the company, to help users identify their laptop model and other technical details.
Just like eDellRoot, DSDTestProvider is also installed in the root root store, along with a private key. This of course allows malicious users to get data from the system and use them for malicious purposes, such as MITM attacks (Man-in-the-middle).
What can you do:
Do not expect the company to find a good excuse, apologize, and then give the removal instructions. To remove DSDTestProvider, follow these steps:
In the Start Menu search box, type "certmgr.msc" and run the application.
In the window that will open, select "Trusted Root Certification Authorities" or "Trusted Root Certification Authorities"
Select "Certificates" or "Certificates"
Find and delete “eDel | Root” and “DSDTestProvider” certificates
Restart your computer.