Vigil@nce - Dell: secret key of certificates published
February 2016 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can spoof the identity of any web site, on Dell
computers.
Impacted products: Windows 10, Windows 2008 R0, Windows 2008 R2,
Microsoft Windows 2012, Windows 7, Windows 8, Windows RT, Windows
Vista.
Severity: 2/4.
Creation date: 02/12/2015.
DESCRIPTION OF THE VULNERABILITY
Dell installs on its computers two root certificates, with their
private key (VIGILANCE-ACTU-5001).
An attacker can therefore spoof the identity of any web site, on
Dell computers.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Dell-secret-key-of-certificates-published-18410