Basically, users will be prompted to download and install this tool whenever they drop by the Dell support website and choose the “Detect Product” button. The initial certificate that was reported over the weekend is known as eDellRoot, where it was installed by the Dell Foundation Services (DFS). DFS happens to be an application which implements a slew of support functions.
Dell representative Laura Pevehouse Thomas shared, “The certificate is not malware or adware. Rather, it was intended to provide the system service tag to Dell online support allowing us to quickly identify the computer model, making it easier and faster to service our customers.”
Well, regardless of the original good intention, it looks like both eDellRoot and DSDTestProvider can be exploited by attackers to generate rogue certificates for any website.