Security Alert: Lenovo Superfish High Security Vulnerability

February 23, 2015 Ethel Crosby

If you recently purchased a new Lenovo Notebook product that was shipped between September 2014 and December 2014, this security alert is for you.

What is Superfish?
The preloaded software, called Superfish, alters your search results to show you different ads than you would otherwise see. It also tampers with your computer's security so that attackers can snoop on your browser traffic – no matter which browser you're using.

"Attackers are able to see all the communication that's supposed to be confidential – banking transactions, passwords, emails, instant messages," said Timo Hirvonen, a senior researcher at security software maker F-Secure. That kind of threat, known as a man-in-the-middle attack because the hacker can spy on the users' Internet traffic and infiltrate their computer, poses a serious risk to consumers, he said.
Read this CNET article for more details.

Lenovo had the following to say in their updated statement on Superfish, detailing the additional things they are doing about the situation:

"Lenovo is exploring every action we can to help our users address the concerns about Superfish. So today we are taking two additional actions:

  1. In addition to the manual removal instructions currently available online, we have released an automated tool to help users remove the software and certificate. That tool is here.
  2. We are working with McAfee and Microsoft to have the Superfish software and certificate quarantined or removed using their industry-leading tools and technologies. These actions have already started and will automatically fix the vulnerability even for users who are not currently aware of the problem."

I think I may be impacted … what do I do?
No need to panic. Thankfully, it’s simple, so make sure you take action ASAP. All the details are in this article here.

First, find out if Superfish impacts your computer. LastPass has created a Web tool that makes it easy to check to see if your computer is infected. You can check by simply clicking on this link.

Superfish

Hopefully you see the image above saying you are not impacted. If you are impacted, follow the rest of the instructions here to uninstall the link.

Subscribe

The One North Ideas Update delivers each month’s latest posts on digital for PSOs—including industry trends, news and our latest research—directly to your inbox. Although it’s our goal to always include thought-provoking and compelling content, you can unsubscribe at any time. 

See our Privacy Policy to learn more about how we protect and manage your submitted data.

Ethel Crosby Director of Technology Operations & Offerings

As Director of Technology Operations and Offerings at One North Interactive, Ethel is responsible for the management and execution of leading digital technology solutions and software product management for B2B relationship-based businesses. Never one to shy away from a challenge, Ethel once zip-lined, upside down, in a rain forest in Costa Rica.

  • Favorite movie quote: "With great power comes great responsibility." - Spiderman
  • Favorite vending machine snack: Reeses Pieces

One North Interactive 
222 North LaSalle St, #1500
Chicago, IL 60601

+1 312.469.1740