The Chinese computer tech giant Lenovo is offering customers a tool to remove pre-installed malware, called Superfish, that may be installed on their computers.
Superfish was intended to “improve the shopping experience using their visual discovery techniques.”
However, the software ended up being a security risk.
Malware, a portmanteau of MALicious and softWARE, refers to software that deliberately harms computer systems.
It is unknown how many Lenovo laptops have been affected by the problem.
Users started posting complaints that pop-up ads were appearing on their browsers and computer experts later warned that Superfish could be comprise user security.
Lenovo said that the software “did not meet expectations” and that it has “acted quickly and decisively to remove it from our products.”
The company wants all its customers to be informed about the problem.
“While this issue in no way impacts our ThinkPads; any tablets, desktops or smartphones; or any enterprise server or storage device, we recognize that all Lenovo customers need to be informed.”
Lenovo makes an apology to its customers
“We apologise for causing these concerns among our users – we are learning from this experience and will use it to improve what we do and how we do it in the future,”
“We will continue to take steps to make removal of the software and underlying vulnerable certificates in question easy for customers so they can continue to use our products with the confidence that they expect and deserve.”
Removing the malware
In addition to instructions online on how to remove the software, Lenovo has released an automated tool to help users remove the software and certificate.
In an official statement, the company said:
1. In addition to the manual removal instructions available online, it has released an automated tool that will uninstall Superfish from affected computers.
2. The company is working withMcAfee and Microsoft to quarantine Superfish software and the certificate, or remove them using industry-leading tools and technologies. “These actions have already started and will automatically fix the vulnerability even for users who are not currently aware of the problem,”