Lenovo laptops’ security compromised by Superfish

Computer security

If you have a Lenovo laptop then you might want to think twice before using on a Wi-Fi hotspot. The technology manufacturer has been increasingly criticised in recent weeks after it transpired that many of their laptops have been sold loaded with dangerous adware to unwitting customers.

Consumers who purchased Lenovo laptops since September will find that their machines came pre-installed with the programme Superfish, and this means that their security is seriously compromised.

Superfish is a type of adware that uses your data from searches on Google, Amazon, and other websites to add its own shopping results to your browser. However, as if this wasn’t irritating enough, there is a far more sinister problem associated with Superfish.

Superfish installs a single self-signed root certificate to your computer, which might not sound particularly worrying, however it is really dangerous. It creates a giant hole into browser security and enables anyone else on the same Wi-Fi network to silently hijack your browser and gain access to bank details, passwords, and all other kinds of sensitive information.

That means that if you’re using a Lenovo laptop on a Wi-Fi network in a public area, such as a coffee shop or local McDonalds, then there is a chance that someone could be accessing all your personal details with consummate ease.

Equally as worrying is the distinct apathy with which Lenovo seems to have responded to the issue. The company claims that it is has no insight that their machines have led to any nefarious activity, and that Superfish has now been disabled. Simply uninstalling Superfish however does not remove the problematic root certificate that leaves these laptops so open to infiltration.

It would seem that the only sure-fire way of removing the threat would be to wipe the entire machine and install a non-Lenovo version of windows, such as vanilla Windows. But with the hassle this brings, who wants to do that? Lenovo appear to have dropped a big one here.

If you require help with your computer security, speak to the team at JDM Computing today.