ATTN anyone who has purchased a Lenovo PC since Sep 2014

By now this is old news but in case people here haven’t seen it yet, it’s pretty important.

The TL;DR is if you, or someone you know, has purchased a Lenovo computer recently, check “Programs and Features” for something called “Superfish”. If the computer has it on there, click me to download Lenovo’s removal tool and run it. Then you are done.
Or if you want to do it manually, this is Lenovo’s support page for it

So the story behind this…
Lenovo shipped almost all of their units with software installed called Superfish. The software is ultimately adware that injects advertisements onto your webpages. The issue is that, because Lenovo put the software on the computer, it comes with a signed root certificate which allows Superfish to see and change anything it wants which includes encrypted traffic. Basically it’s a man-in-the-middle where Superfish can create “legit” encryption certificates for your secure websites you log in to.
As if this wasn’t bad enough, the company that developed the software Superfish is using to make this possible (Komodia), left a massive security hole in the root certificate. The private key used to sign all of the certificates is “komodia” which took someone about 3 hours to figure out.
So all in all this means someone on the same network as a person with a Lenovo computer can easily intercept what is supposed to be encrypted connections to their bank account, email, etc.

thanks for this, I hadn’t heard anything about this until now. I’ll have to contact a few customers to ask them to remove it.

Thanks. My woman just bought a lenovo last year.

Yeah I spent a whole day working with corporate Geek Squad to get an official fix released. Luckily, Lenovo made the tool and it does remove all traces. Most security software I tried didn’t find anything. Not sure if they are gonna update their definitions or not.

just had a look on my system and gladly there aren’t many we have sold to home customers :smile: I’ll let people know to look out for it when running anti-malware scans