eDellroot Certificate uninstall using k1000
I'm sure most of you have heard about the eDellroot Certificate issue that is going around.
I was wondering if any of you have a fix to search for the cert and uninstall it if it is present on a machine?
Also, do you think that the dell update portion of the k1000 can solve this issue? We do not use this on our machines but I could enable it just to get this Certificate removed if that will work.
Thanks,
0 Comments
[ + ] Show comments
Answers (3)
Please log in to answer
Posted by:
rileyz
8 years ago
Im sure if you can do via GPO... Or via PKI - must be able to it via PKI?
I don't know, it has been a long time since I have done that sort of thing, someone else here might be able to help.
If not, you can try plan B and butcher my code to remove the cert.
$Shell = New-Object System.Security.Cryptography.X509Certificates.X509Certificate
$Shell.Import("$Certificate")
$CertificateSerialNumber = $Shell.GetSerialNumberString()
&Certutil.exe -delstore “TrustedPublisher” "$CertificateSerialNumber" | Out-Null
Its from here
As part of the driver removal, it also removes the cert (if it was required when injecting), points you in the right direction scripting wise anyways.
**Update
http://www.thewindowsclub.com/edellroot-certificate-removal-instructions
There's a tool you can download, near the bottom. The executable is signed by Dell, so it's safe.
lul, could be signed by the dodgy cert though!
I checked, it's OK.
Posted by:
jknox
8 years ago
Here's the "official" removal guide with an executable file. You should be able to automate this: https://dellupdater.dell.com/Downloads/APP009/eDellRootCertificateRemovalInstructions.pdf
Posted by:
Shyamji
8 years ago
This is now more easy because Microsoft has released Security Update to remove eDellroot Certificate. So just install update and it's done.
