I'm sure most of you have heard about the eDellroot Certificate issue that is going around.

I was wondering if any of you have a fix to search for the cert and uninstall it if it is present on a machine?

Also, do you think that the dell update portion of the k1000 can solve this issue?  We do not use this on our machines but I could enable it just to get this Certificate removed if that will work.

Thanks,
0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Answers

0
Im sure if you can do via GPO... Or via PKI - must be able to it via PKI?

I don't know, it has been a long time since I have done that sort of thing, someone else here might be able to help.





If not, you can try plan B and butcher my code to remove the cert.

$Shell = New-Object System.Security.Cryptography.X509Certificates.X509Certificate
$Shell.Import("$Certificate")
$CertificateSerialNumber = $Shell.GetSerialNumberString()
&Certutil.exe -delstore “TrustedPublisher” "$CertificateSerialNumber" | Out-Null

Its from here

As part of the driver removal, it also removes the cert (if it was required when injecting), points you in the right direction scripting wise anyways.




**Update
http://www.thewindowsclub.com/edellroot-certificate-removal-instructions

There's a tool you can download, near the bottom. The executable is signed by Dell, so it's safe.

lul, could be signed by the dodgy cert though! 
I checked, it's OK.


Answered 11/24/2015 by: rileyz
Red Belt

Please log in to comment
0
Here's the "official" removal guide with an executable file.  You should be able to automate this: https://dellupdater.dell.com/Downloads/APP009/eDellRootCertificateRemovalInstructions.pdf
Answered 11/24/2015 by: jknox
Red Belt

Please log in to comment
0
This is now more easy because Microsoft has released Security Update to remove eDellroot Certificate. So just install update and it's done. 
Answered 11/27/2015 by: Shyamji
White Belt

Please log in to comment
Answer this question or Comment on this question for clarity

Share