Tuesday, November 24, 2015

Everyday Powershell - Part 35 - Check for eDellRoot certificate

So Dell, bless their wee hearts, have been shipping their own root cert with new laptops. Problem is the private key is available to everyone who's got a copy of this cert! Which means any halfwit could sign ANYTHING and if this cert is in your root certs that halfwits stuff is going to be trusted on your computer.

Better check if that cert is there;
Get-ChildItem -path cert:\LocalMachine\root | where Thumbprint -eq 02c2d931062d7b1dc2a5c7f5f0685064081fb221
Get-ChildItem -path cert:\LocalMachine\root | where Thumbprint -eq 98a04e4163357790c4a79e6d713ff0af51fe6927

There's two of them, check for both. If they're there just delete them. It might break some of the Dell bloatware that ships with the laptops. But better to live without bloatware than have some dodgy root cert that every man and his dog has the private key for.