If you purchased a Lenovo desktop or laptop between September 2014 and January 2015 you could be susceptible to “SuperFish” – adware that can be found lurking in the depths of your device.
Capable of hijacking Internet traffic data typically used for securing Internet transactions, SuperFish was installed on Lenovo devices by the manufacturer per an agreement with Superfish Advertising, a third-party software developer based out of Palo Alto, Calif.
“In our effort to enhance our user experience, we pre-installed a piece of third-party software … on some of our consumer notebooks. The goal was to improve the shopping experience using their virtual discovery techniques,” said the company in a prepared statement. “In reality, we had customer complaints about the software. … We stopped the preloads beginning in January. We shut down the server connections that enable the software (also in January), and we are providing online resources to help users remove this software.”
Until you are certain that your Lenovo system is safe from adware, refrain from online banking, making online purchases or engaging in any other online activity were security is critical.
To determine if SuperFish is present on your device and how to remove it, Lenovo released step-by-step SuperFish Uninstall Instructions on its website. You can also visit this secure site, which will run a basic scan on your device to determine if SuperFish is intercepting your connections.
Unfortunately, in his article about the Lenovo crisis, Zack Wittaker cites ZDNet’s Chris Duckett as saying that “the only confirmed way of completely removing SuperFish appears to be reinstalling Windows … or moving to another operating system entirely” as simply uninstalling the adware may not remove the root certificate authority.
According to reports from IDC Worldwide Quarterly PC Tracker and Gartner, Lenovo shipped more than 16 million desktops and notebooks worldwide during the fourth quarter of 2014. Lenovo’s statement indicates that following models may have been effected:
- G Series: G410, G510, G710, G40-70, G50-70, G40-30, G50-30, G40-45, G50-45, G40-80
- U Series: U330P, U430P, U330Touch, U430Touch, U530Touch
- Y Series: Y430P, Y40-70, Y50-70, Y40-80, Y70-70
- Z Series: Z40-75, Z50-75, Z40-70, Z50-70, Z70-80
- S Series: S310, S410, S40-70, S415, S415Touch, S435, S20-30, S20-30Touch
- Flex Series: Flex2 14D, Flex2 15D, Flex2 14, Flex2 15, Flex2 Pro, Flex 10
- MIIX Series: MIIX2-8, MIIX2-10, MIIX2-11, MIIX 3 1030
- YOGA Series: YOGA2Pro-13, YOGA2-13, YOGA2-11, YOGA3 Pro
- E Series: E10-30
Email Rea & Associates to learn more about the importance of protecting your virtual assets against cyber threats.
By Joe Welker, CISA (New Philadelphia office)