Lenovo is a popular brand of laptop computers sold in the US. They have low end consumer models all the way up to high end business. And for the past two years, some models have been coming preinstalled with a nasty piece of malware called Superfish Visual Discovery.
At the surface, Superfish seems quite innocuous. It replaces Google text ads with image-based advertisements in search. Annoying, but harmless in the grand scheme of things.
However, it seems like Superfish can be quite dangerous. The folks at LastPass, a password manager, explained why quite well in a recent blog post:
It was discovered that the Superfish software was installing its own self-signed Root Certificate Authority so that the Superfish software always appears as a trusted party. The Superfish software would have the ability to then intercept supposedly-secure communications to websites via a man-in-the-middle attack. Researchers also confirmed that hackers on the same network, like an open WiFi hotspot at a coffee shop, can exploit Superfish to steal things like your banking login details or to read your emails.
If you have a Lenovo, priority number one is to get Superfish taken off as soon as possible. Thankfully, Lastpass has made it easy to detect the vulnerability caused by Superfish by using an image.
If you see an image that says “You are safe!” on that page, then great! You can stop reading now and rest assured you aren’t vulnerable to the attacks described above. However, if you see anything else, you’ll need to remove the program Superfish and the root certificate it installed.
To uninstall Superfish:
To remove the root certificates:
If you need any assistance, our Consumer Services folks will be happy to help! Fill out the form below to get a call or e-mail back from our staff.