Microsoft Corporation says its Windows Defender anti-virus software can remove Lenovo’s Superfish bug from PCs. Concerned users should update to the newest version of Windows Defender, followed by a virus scan as soon as possible.
Earlier this week, users were posting on the company’s forum that Superfish, a type of adware, had been caught hijacking browsers to place third-party ads on Google searchers and websites without the user’s permission.
Superfish is said to do this by using self-signed certificates to dupe browsers into displaying third-party ads. One user commented in the forum that the program had intercepted a connection to his bank, thus opening up confidential data to Superfish.
Apparently, the Superfish adware can follow users into confidential bank account web pages.
Several laptop owners said they would return their hijacked laptops after discovering the adware.
Adware is software that automatically downloads or displays advertising material such as banners or pop-ups when the user is online.
Superfish removed from new laptops
According to Lenovo, Superfish is no longer on consumers’ laptops. The company says that on January 15th, 2015, the adware was removed from the preloads of new consumer systems.
Nobody knows how many laptops out there are currently infected.
Yesterday, in an official statement, Lenovo said it was taking two additional actions to address users’ concerns:
1. As well as the manual removal instructions currently available online, Lenovo has released an automated tool to help users uninstall the software and remove the certificate.
2. It is working with Microsoft and McAfee to quarantine Superfish software and the certificate, or remove them using their industry-leading tools and technologies. “These actions have already started and will automatically fix the vulnerability even for users who are not currently aware of the problem,” the company added.
On its website, Lenovo wrote on Feb 20th:
“Since that time we have moved as swiftly and decisively as we can based on what we now know. While this issue in no way impacts our ThinkPads; any tablets, desktops or smartphones; or any enterprise server or storage device, we recognize that all Lenovo customers need to be informed.”
“We apologize for causing these concerns among our users for any reason – and we are learning from experience and improve what we do and how we do it.”
“We will continue to take steps to make removal of the software and underlying vulnerable certificates in question easy for customers so they can continue to use our products with the confidence that they expect and deserve.”
Video – Superfish, Lenovo, Malware & Bloatware