I'm sure most of you have heard about the eDellroot Certificate issue that is going around.

I was wondering if any of you have a fix to search for the cert and uninstall it if it is present on a machine?

Also, do you think that the dell update portion of the k1000 can solve this issue?  We do not use this on our machines but I could enable it just to get this Certificate removed if that will work.

0 Comments   [ + ] Show Comments


Please log in to comment


Im sure if you can do via GPO... Or via PKI - must be able to it via PKI?

I don't know, it has been a long time since I have done that sort of thing, someone else here might be able to help.

If not, you can try plan B and butcher my code to remove the cert.

$Shell = New-Object System.Security.Cryptography.X509Certificates.X509Certificate
$CertificateSerialNumber = $Shell.GetSerialNumberString()
&Certutil.exe -delstore “TrustedPublisher” "$CertificateSerialNumber" | Out-Null

Its from here

As part of the driver removal, it also removes the cert (if it was required when injecting), points you in the right direction scripting wise anyways.


There's a tool you can download, near the bottom. The executable is signed by Dell, so it's safe.

lul, could be signed by the dodgy cert though! 
I checked, it's OK.

Answered 11/24/2015 by: rileyz
Red Belt

Please log in to comment
Here's the "official" removal guide with an executable file.  You should be able to automate this: https://dellupdater.dell.com/Downloads/APP009/eDellRootCertificateRemovalInstructions.pdf
Answered 11/24/2015 by: jknox
Red Belt

Please log in to comment
This is now more easy because Microsoft has released Security Update to remove eDellroot Certificate. So just install update and it's done. 
Answered 11/27/2015 by: Shyamji
White Belt

Please log in to comment
Answer this question or Comment on this question for clarity