Lenovo has been a naughty company, selling Windows computers pre-installed with software known as Superfish. It basically opens up affected PCs to man-in-the-middle attacks, breaking Windows’ encrypted Web connections. Thanks, Lenovo. Trust = broken.
The real bummer of it is that Lenovo has been unable to provide users with a reliable fix., even though it says it has already cut all ties with Superfish and isn’t installing the software any longer. So not only has Lenovo surreptitiously installed harmful software, but the company doesn’t even know how to undo the effects.
Luckily Microsoft has come to the rescue, with researchers claiming Windows Defender, Microsoft’s onboard anti-virus software, is capable of completely removing the wonderful Superfish software. Not only that, but Defender will reportedly reset SSL certificates avoided by Superfish, righting one very glaring wrong.
Superfish was malicious because it opened up Lenovo PCs to simple attacks from hackers. One security researcher was able to crack the password of a Superfish certificate, allowing him to easily intercept encrypted data from Lenovo machines on the same Wi-Fi network. I hope you don’t do online banking. Wait, pretty much everyone does online banking.
In order to ensure your Lenovo machine is cleansed of the Superfish software, Windows users are being encouraged to update Windows Defender and scan their machines immediately. If you purchased a Lenovo recently, you might want to do this now.