{"id":171005,"date":"2015-11-28T02:27:24","date_gmt":"2015-11-28T01:27:24","guid":{"rendered":"http:\/\/www.borncity.com\/blog\/?p=171005"},"modified":"2019-04-29T07:55:25","modified_gmt":"2019-04-29T05:55:25","slug":"microsofts-sicherheitssoftware-entfernt-dell-root-zertifikat","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2015\/11\/28\/microsofts-sicherheitssoftware-entfernt-dell-root-zertifikat\/","title":{"rendered":"Microsofts Sicherheitssoftware entfernt Dell Root-Zertifikate"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" src=\"https:\/\/borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\" alt=\"\" width=\"40\" height=\"47\" align=\"left\" \/>Da hat Microsoft schnell reagiert. Die Woche hatte ich \u00fcber selbst ausgestellte Zertifikate auf Dell-Rechnern berichtet (siehe Link-Liste am Artikelende). Nun k\u00f6nnen Microsofts Sicherheitsl\u00f6sungen wie Microsoft Security Essentials oder der Defender diese Zertifikate erkennen und entfernen.<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/ssl-vg03.met.vgwort.de\/na\/66d92767eb2245f4b01f687c3e91b2d8\" alt=\"\" width=\"1\" height=\"1\" \/>Momentan scheinen die Microsoft-Seiten \"down\" zu sein, daher verlinke ich mal nicht. Wie microsoft-news.com in diesem Artikel berichtet, k\u00f6nnen Microsofts Antivirus-Produkte das Dell <em>DelleRoot<\/em>-Zertifikat erkennen. Hier die entsprechende Info seitens Microsoft.<\/p>\n<blockquote><p>Program:Win32\/CompromisedCert.C is a Dell root certificate for which the private keys were leaked online.<\/p>\n<p>If your Dell PC contains this certificate, it might be vulnerable to this threat. A PC with this certificate could be vulnerable to SSL\/TLSspoofing attacks, and can allow an attacker to digitally sign binaries so that they are trusted by the affected PC. This can give an attacker control over your PC and browsing experience.<\/p>\n<p>The certificates can be found in Dell PCs running the followingWindows operating systems:<\/p>\n<ul>\n<li>Windows 10<\/li>\n<li>Windows 8.1<\/li>\n<li>Windows 8<\/li>\n<li>Windows 7<\/li>\n<\/ul>\n<p>An attacker can exploit a certificate using <a href=\"https:\/\/web.archive.org\/web\/20170706204539\/http:\/\/www.microsoft.com:80\/security\/portal\/mmpc\/shared\/glossary.aspx\">phishing<\/a> or <a href=\"https:\/\/web.archive.org\/web\/20170706204539\/http:\/\/www.microsoft.com:80\/security\/portal\/mmpc\/shared\/glossary.aspx\">man-in-the-middle attacks<\/a> to decrypt, modify or spoof HTTPS websites, such as banking, social media, or email websites.<\/p>\n<p>This could allow a malicious hacker to steal your user names, passwords, and confidential data. They could also carry out transactions without your knowledge, even when it seems like you have a secure browser connection to a website.<\/p><\/blockquote>\n<p>Laut <a href=\"https:\/\/web.archive.org\/web\/20161118030430\/https:\/\/www.microsoft.com\/security\/portal\/threat\/encyclopedia\/entry.aspx?Name=Program:Win32\/CompromisedCert.C\" target=\"_blank\" rel=\"noopener noreferrer\">diesem Artikel<\/a> im Malware Protection Center k\u00f6nnen die aktuellen Versionen folgender Microsoft Security-Produkte das Zertifikat erkennen und entfernen.<\/p>\n<ul>\n<li>Windows Defender f\u00fcr Windows 10 und Windows 8.1<\/li>\n<li><a href=\"http:\/\/www.microsoft.com\/security_essentials\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Security Essentials<\/a> f\u00fcr Windows 7 und Windows Vista<\/li>\n<li>Microsoft Safety Scanner<\/li>\n<li>Microsoft Windows Malicious Software Removal Tool<\/li>\n<\/ul>\n<p>Damit sollte das Root-CA-Zertifikat zuverl\u00e4ssig von Dell-Systemen, auf denen Microsofts Sicherheitsl\u00f6sungen installiert sind, bereinigt werden. Gibt aber schon Anwender, die diesbez\u00fcglich aufgescheucht in <a href=\"https:\/\/www.dell.com\/community\/Virus-Spyware\/Win32-CompromisedCert-C-alert-by-Windows-Defender-What-is-this\/m-p\/4708293\" target=\"_blank\" rel=\"noopener noreferrer\">den Dell-Foren aufgeschlagen<\/a> sind. Nachtrag: Gerade auch diesen deutschsprachigen Artikel zum Thema gefunden. Und heise.de <a href=\"http:\/\/www.heise.de\/newsticker\/meldung\/Dell-Root-CA-Desaster-Microsoft-bringt-Updates-in-Stellung-3025738.html\" target=\"_blank\" rel=\"noopener noreferrer\">berichtet<\/a>, dass Microsofts AV-L\u00f6sungen beide Dell-Zertifikate erkennen und entfernen k\u00f6nnen.<\/p>\n<p><strong>\u00c4hnliche Artikel:<br \/>\n<\/strong><a href=\"https:\/\/borncity.com\/blog\/2015\/02\/19\/lenovo-gerte-mit-superfish-adware-verseucht\/\">Lenovo Ger\u00e4te mit Superfish-Adware verseucht<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/2015\/02\/21\/avast-nutzt-auch-den-superfish-ansatz-bei-mail-shield\/\">Avast nutzt auch den 'Superfish-Ansatz' bei Mail Shield<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/2015\/08\/13\/lenovo-service-engine-lse-superfish-reloaded-ii\/\">Lenovo Service Engine (LSE) \u2013 Superfish reloaded II<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/2015\/11\/24\/sicherheits-gau-dell-zertifkat-bringt-massive-sicherheitslcke\/\">Sicherheits-GAU: Dell-Zertifkat bringt massive Sicherheitsl\u00fccke<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/2015\/11\/25\/nchstes-dell-root-zertifikat\/\">N\u00e4chstes Dell Root-Zertifikat rei\u00dft Sicherheitsl\u00fccke auf \u2026<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/2015\/11\/27\/adware-in-windows-blockieren\/\">Adware in Windows (Defender) blockieren<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Da hat Microsoft schnell reagiert. Die Woche hatte ich \u00fcber selbst ausgestellte Zertifikate auf Dell-Rechnern berichtet (siehe Link-Liste am Artikelende). Nun k\u00f6nnen Microsofts Sicherheitsl\u00f6sungen wie Microsoft Security Essentials oder der Defender diese Zertifikate erkennen und entfernen.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[426,3694],"tags":[2699,1146,954,4328,4325,4013],"class_list":["post-171005","post","type-post","status-publish","format-standard","hentry","category-sicherheit","category-windows-10","tag-defender","tag-dell","tag-microsoft-security-essentials","tag-sicherheit","tag-windows","tag-zertifikat"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/171005","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=171005"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/171005\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=171005"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=171005"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=171005"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}