Lenovo Superfish vulnerability

Lenovo installing dangerous, invasive “Superfish” adware on new PCs that hijacks all secure HTTPS connections on affected PCs.

The biggest problem with Superfish isn’t the adware itself but the way it hijacks legitimate SSL traffic. It does so by installing a self-generated root certificate in the Windows certificate store and then resigns all SSL certificates presented by HTTPS sites with its own certificate.

In other words, Superfish conducts a man-in-the-middle attack and breaks the sanctity of HTTPS encryption. And simply removing the adware itself doesn’t remove the rogue root certificate.

Microsoft’s Windows Defender update (20 Feb) removes the adware and the rogue certificate from the Windows certificate manager, but not Firefox’s certificate manager.

Note: ThinkPad, ThinkCentre, Lenovo Desktop, ThinkStation, ThinkServer and System x products are not impacted.

Checks to see if your computer is infected with Superfish

Which Lenovo PCs have Superfish preinstalled?

Lenovo Superfish uninstall instructions

PCWorld’s guide to completely eradicating Superfish

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: