Security Advisor

Microsoft Kills Lenovo Superfish Adware

Windows Defender will now block and prompt users how to easily remove the adware found preinstalled on some Lenovo systems.

Microsoft has updated its Windows Defender to remove the certificate for the adware software called Superfish, which was discovered to come preloaded on Lenovo devices.

The update to Microsoft's free malware protection software will now block Superfish from running and will prompt users to remove the adware. What makes Superfish so dangerous is that besides altering online searches with unwanted ads, the preinstalled software also monitors SSL traffic, leading to increased security threats.

"The security concern is that the adware responsible for monitoring your SSL traffic could be compromised by hackers, other malware, malicious sites, etc.," commented Brett Fernicola, CISO for security firm Stealthbits Technologies. "Thus making it just that much easier to steal sensitive information from that PC such as passwords, online banking information, etc."

Today's Defender update will now reset any of these SSL certificates that were used by Superfish.  Prior to the release, the removal of the preinstalled software was a tricky endeavor, causing sites like CNET to release a how-to removal guides.

Responding to the allegation that it had knowingly included adware in its devices, Lenovo said it thought Superfish would "enhance the shopping experience," according to a released statement on its Web site. Lenovo said that due to customer complaints, it halted the preload of Superfish on systems in January and cut server connections associated with the software. It also said that the software was not preinstalled in the majority of its hardware.

"To be clear: Lenovo never installed this software on any ThinkPad notebooks, nor any Lenovo desktops or smartphones," said Lenovo. "This software has never been installed on any enterprise product -- servers or storage -- and these products are in no way impacted"

While the number of systems with the Superfish software installed was not given, it was included in 11 types of Lenovo laptops sold over the past two years, including the company's Flex and Yoga tablet/laptop hybrids.

The company also said it is planning to release a tool that will completely remove the software from affected systems sometime today. However, with Microsoft's Defender update, the tool may not be necessary.

To find out if your system is at risk, LastPass has created a Web checker that will tell you if Superfish is present. If it is, update Windows Defender and allow it to walk you through removing the software permanently.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

Featured

  • Vendors Issue Patches for Linux Container Runtime Flaw Enabling Host Attacks

    This week, the National Institute of Standards and Technology (NIST) described a high-risk security vulnerability (CVE-2019-5736) for organizations using containers that could lead to compromised host systems.

  • Windows 10 Version 1809 Users May Get Visual Studio Crashes

    Microsoft on Friday issued an advisory for Windows 10 version 1809 users about possible Visual Studio crashes.

  • Standardizing the Look of Outlook's Outbound Messages

    Microsoft typically gives users a blank canvas to compose new e-mails in Outlook. In some corporate environments, however, a blank canvas isn't a good thing.

  • Windows 10 'Semiannual Channel Targeted' Goes Away This Spring

    Microsoft plans to slightly alter its Windows servicing lingo and management behavior with its next Windows 10 operating system feature update release, coming this spring.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.