Computer manufacturer Lenovo has been caught purposefully selling new computers to consumers with preinstalled adware. The hidden adware, dubbed Superfish by researchers, embeds itself in internet browsers to deliver popup advertisements based on search terms.
Users have complained about Superfish on new laptops since last fall, but the adware has only come under fire recently with the discovery of a potentially serious security threat. In addition to serving up targeted marketing, Superfish is able to circumvent SSL/TLS connections thanks to the ability to self-sign internet security certificates. The vulnerability allows Superfish to conduct a man-in-the-middle (MITM) attack and view the contents of any connections that should be encrypted. This means that normally safe internet shopping or secured private data sites are made fair game to an attacker.
Recognizing the severity of the threat, Microsoft has already issued an update to Windows Defender to remove the Superfish root certificate. If you have purchased a new Lenovo computer within the last six months, you should immediately check that you have the latest Microsoft security updates and preform a scan. It should be noted, however, that while Windows Defender will remove the offending files from Internet Explorer, it will not actively seek out third party browsers such as Firefox. If you use a third-party browser you should double check to ensure all remnants of Superfish have been removed.
– Richard Keene
IT Computer Support of New York
Webmaster and Lead Designer