According to a discovery of some odd digital certificates by a reddit user (who then posted the discovery), Dell laptops–believed for now to be limited to some Inspiron and XPS series machines–could contain a security flaw that would allow hackers to manipulate a website, make it read as though it belongs to Dell, and then use the customer service features to “take over” your computer and install malicious software. These digital certificates, the ones that let your computer know that “http://amazon.com” really is Amazon, for example, and can therefore be trusted, can be altered to make your computer recognize any website as belonging to someone else. Basically, a hacker can pretend to be Dell and get to work on your machine.
Dell apologizes for laptop security scare, will remove vulnerability today. Dell has posted instructions to permanently remove the certificate from affected systems here, and the company will also publish a software update today that will automatically check for the certificate and remove it. The company has not confirmed how many machines are affected, but the Inspiron 5000, XPS 15, and XPS 13 are known to ship with the certificate preinstalled.