Friday, February 20, 2015

What Is The Deal With Lenovo and Superfish and How Do I Remove It?

By now the chances are you've seen or heard the news that PC manufacture Lenovo has been  pre-installing software dubbed Superfish on its laptops. While the company has issued a statement proclaiming that the 'malware' is not as dubious has many have made it out to be. The level of access the software has and the behavior it exhibits should still be an area of concern for customers. Below we are offering a quick explanation of exactly what the software is and does as well as full details on removal...hopefully it helps anyone impacted!

What is Lenovo Superfish?

What Superfish is and isn't is a bit deceptive. The software itself is a legitimate tool created and developed by a legitimate tech company, also named Superfish. It is a Visual Search tool that is used as adware to allow companies such as Lenovo to insert their own custom advertising whenever a user of that PC does a Google search or visits other websites, which generates additional ad revenue for companies using the software.

Unlike most malware, and some adware, it isn't specifically intended to be malicious in nature. Though some would argue that hijacking your searches is a pretty malicious act. So why is it a big deal? Well that would be in how the software acts. Superfish also compromises all SSL connections on the impacted PC. In essence, Superfish uses a “man in the middle” approach, where Superfish is able to monitor and alter data going to and from websites without the knowledge of either the user using the system or the sites being visited. Something that I'm sure no one wants!

I own a Lenovo laptop am I infected by Superfish?

Here is a full list of the Lenovo consumer laptops that the company has confirmed it had pre-installed Superfish on, keep in mind they claim to have stopped installations as of January.
  • G Series: G410, G510, G710, G40-70, G50-70, G40-30, G50-30, G40-45, G50-45
  • U Series: U330P, U430P, U330Touch, U430Touch, U530Touch 
  • Y Series: Y430P, Y40-70, Y50-70
  • Z Series: Z40-75, Z50-75, Z40-70, Z50-70
  • S Series: S310, S410, S40-70, S415, S415Touch, S20-30, S20-30Touch
  • Flex Series: Flex2 14D, Flex2 15D, Flex2 14, Flex2 15, Flex2 14(BTM), Flex2 15(BTM), Flex 10
  • MIIX Series: MIIX2-8, MIIX2-10, MIIX2-11
  • YOGA Series: YOGA2Pro-13, YOGA2-13, YOGA2-11BTM, YOGA2-11HSW E Series: E10-30
For those that own one of the models listed above, or those that want to double check their Lenovo products there are several options for detection and removal. One of the easiest tools is the LastPass Superfish Detector and online tool that quickly scans your laptop. Another is to use Microsoft’s free Windows Defender product, which has just been updated (version 1.193.444.0) to detect and remove SuperFish.

How do I remove Superfish?

Lenovo has announced plans to release an automated tool that will remove the Superfish adware from affected PCs, however that tool has yet to be released. In the mean time the company has offered its own removal instructions,though many have stated that these don't cover everything. Ars Technica has posted a very thorough Superfish Removal Guide that should cover all the bases. Below are some of the basics!

If you’re affected by Superfish, you must first uninstall the program:
  1. Click the Windows Start button
  2. Search uninstall program
  3. Launch uninstall program
  4. Right-click on Superfish Inc VisualDiscovery and select Uninstall
  5. If prompted for administrator password, enter or provide confirmation
Then you must uninstall the certificates as well:
  1. Click the Windows Start button
  2. Type certmgr.msc into the Search box
  3. Click the certmgr.msc Program to launch it
  4. If prompted for administrator password, enter the password or provide confirmation
  5. Click on Trusted Root Certification Authorities
  6. Open Certificates
  7. Look for certificates mentioning Superfish Inc.
  8. Right-click on any Superfish Inc certificates and delete
  9. Restart your browser and return to this page to see you are safe

Following the removal steps above should get you up and running on a clean PC but that likely doesn't mean all of your questions have been answered. Lenovo and Adi Pinhas, the chief executive of Superfish, have been adamant in regards to any security risks that Superfish may or may not have posed. In a statement released earlier today Pinhas wrote, "Superfish is completely transparent in what our software does and at no time were consumers vulnerable—we stand by this today. Lenovo will be releasing a statement later today with all of the specifics that clarify that there has been no wrong doing on our end.”

So at the end of the day it all comes down to whether or not we trust Lenovo and Superfish's intentions. They have admitted the mistake and we could give them the benefit of the doubt but that doesn't mean we've seen the end of these types of situations. Companies are always looking to gain an edge in the market and monetize your user experience as much as possible!

No comments:

Post a Comment

All comments will be moderate for content, please be patient as your comment will appear as soon as it has been reviewed.

Thank you