Superfish adware is one of the many applications out there that one wouldn’t want on her computer. So naturally, you would avoid these kinds of programs in the wild, but what happens when they are pre-loaded into your laptop’s setup? This is what happened with Lenovo laptops that had Superfish software pre-loaded, and it opened vulnerability on the said computers that would have allowed hackers to steal user’s credit card number information and other personal data. Needless to say, users had to scramble to remove Superfish software from their computers in order to avoid potential identity thefts.
The scale of Superfish vulnerability
Needless to say, Lenovo isn’t keen on revealing just how many computers are infected with the Superfish software, keeping in mind how they have tried to suppress the news about the issue. Nevertheless, CNET has reported that Lenovo sold around 16 million laptops in the last quarter of 2014, so it wouldn’t be surprising if all of them had Superfish adware installed. After all, the software is said to have been installed on more than 11 types of Lenovo laptop computers sold in the final quarter of 2014. Eventually, when there was no use in hiding it anymore, Lenovo has published a complete list of affected computers.
What does the Superfish do?
Superfish is a startup located in the Silicon Valley. Naturally, it is not a malicious computer security threat; otherwise Lenovo wouldn’t have pre-loaded it to their computers. However, just like most of the security experts have noticed Superfish exposes particular vulnerabilities that can be exploited by hackers to gain control of the affected computer or steal the user’s information.
The Superfish visual search software that was pre-loaded on the affected computers can capture the images that the user encounters online. This way it is supposed to show similar products to the user, but this ability to recognize images can be considered the main security risk too.
On top of that, it was revealed that Superfish makes use of third-party software to monitor when users access secure of encrypted web pages. Since the third-party software could replace the encryption code on the accessed websites with its own, it could have been easily hacked if you only knew how to do it. Therefore, removing Superfish software from the affected computer became an important task for any user who was concerned about the system stability.
How to deal with Superfish?
Just like it is often with adware applications, the responsibility for security flaws is transferred to the third parties. Same happened with the Superfish issues. Superfish representatives claimed that their own code was safe, and the security flaw that allowed the exploitation to take place was “introduced unintentionally by a third party.”
It is clear that in this situation Lenovo is not the only one to blame. Some security experts suggest that these kinds of security flaws might reach far beyond Lenovo, especially as we are dealing with third party adware applications here. Thus, once again, it allows us to emphasize just how important it is to intercept and remove all the potentially harmful programs on time.
If you happen to have a Lenovo laptop, you need to visit the Lenovo’s official website for the Superfish uninstall instructions. What’s more, you should not hesitate to invest in licensed security application that would offer real-time protection. Also, keeping all your official applications up-to-date will help you decrease the possibility of potential exploitation.
tested removal of Lenovo superfish vulnerability*100% FREE spyware scan and