Dell said on Monday that security issues exist on some laptops that it recently shipped.
According to Dell, there is a pre-installed program on some laptops that compromises the root security of a system, making it easy for hackers to gain access to private data.
“The recent situation raised is related to an on-the-box support certificate intended to provide a better, faster and easier customer support experience,” Dell said in a statement to Reuters. “Unfortunately, the certificate introduced an unintended security vulnerability.”
The affected Dell computers have a self-signed digital certificate dubbed eDellRoot that allows hackers to easily cryptographically impersonate an HTTPS-protected website.The digital certificate has a private key that attackers can use to sign certificates for other non-HTTPs websites.
According to Ars Technica, Inspiron 5000 notebooks, XPS 15 models, Dell Inspiron desktops, and various Precision M4800 and Latitude models are reported to be affected.
Dell promised it will provide a fix for the issue, but the magnitude of the scandal is already being compared to the Lenovo’s ‘Superfish’ gaffe earlier this year.
“Customer security and privacy is a top concern for Dell,” a Dell representative told The Verge. “We have a team investigating the current situation and will update you as soon as we have more information.”