Lenovo owners should be aware of Superfish
It was September 2014 when Lenovo, a Chinese-based computer technology company, revealed that they had sold an unknown number of computers containing preloaded adware known as Superfish. The reveal shocked many who criticized Lenovo for not doing more to vet the component before allowing it to be installed on an untold number of computers. But what is Superfish? What should an owner of a Lenovo computer do to correct the problem? These questions are important, as the Technology Service Desk has repeatedly assisted with configuration issues for a large portion of the Elon community who purchased a Lenovo computer for their personal use.
What does Superfish do?
Superfish is a piece of adware that was preinstalled on a variety of Lenovo machines. Superfish is known to intercept HTTP and HTTPS communications to display targeted advertisements to users. To complicate matters, Superfish also replaces security certificates normally used by websites with its own security certificate, making it possible for hackers to compromise the false certificate and imposter secure websites. Lenovo initially called the ads “helpful recommendations,” but Lenovo CTO Peter Hortensius admitted that “going forward, we feel quite strongly that we made a significant mistake here.”
What Lenovo computers were affected?
Lenovo has posted a list of the systems that could have come with the Superfish adware:
- G Series: G410, G510, G710, G40-70, G50-70, G40-30, G50-30, G40-45, G50-45
- U Series: U330P, U430P, U330Touch, U430Touch, U530Touch
- Y Series: Y430P, Y40-70, Y50-70
- Z Series: Z40-75, Z50-75, Z40-70, Z50-70
- S Series: S310, S410, S40-70, S415, S415 Touch, S20-30, S20-30 Touch
- Flex Series: Flex 2 14D, Flex 2 15D, Flex 2 14, Flex 2 15, Flex 2 14(BTM), Flex 2 15(BTM), Flex 10
- MIIX Series: MIIX 2-8, MIIX 2-10, MIIX 2-11
- YOGA Series: YOGA 2 Pro-13, YOGA 2-13, YOGA 2-11BTM, YOGA 2-11HSW
- E Series: E10-30
Even if your Lenovo model isn’t listed above, you’ll want to follow these instructions to determine if Superfish is installed on your computer. Despite Lenovo saying that they haven’t installed Superfish since December, there have been reports of users who ordered Lenovo notebooks as recently as February that discovered their computers were infected. To determine if your computer is bundled with Superfish, follow these instructions.
What should I do if I’m affected?
Please note that users may utilize the following techniques at their own discretion. The Technology Service Desk is unable to assist users with troubleshooting or support of personal computers.
While Lenovo claims to have stopped bundling Superfish, the company did perform any recalls to prevent previously built systems from including the malware. If your Lenovo model is listed above, you should visit Lenovo’s official page for a Superfish Removal Tool. The site contains step-by-step instructions on how to install a tool that would remove Superfish from your computer. Afterwards, you’ll want to scan with MalwareBytes, as some users have reported additional Superfish material that was not removed with Lenovo’s removal tool (e.g., VisualDiscovery.exe, SuperfishCert.dll, and a VisualDiscovery registry setting).
Image by Flickr user Greg Tech Blog