Lenovo laptops have been pre-downloaded with a software known as Superfish, created by a company called Superfish. It is a software whose main purpose is to give additional information to the user when they highlight on a search result. This could be something like the same item on a different site for a lower price. The problem comes with the way it works.
The way it works is that it installs its own self-signed HTTPS root certificate. This means that when a user visits a HTTPS site, the site certificate is signed and controlled by Superfish. This way Superfish falsely represents itself as the official website. Continuing, the Transport Layer Security certificate is the same for every Lenovo machine. Finally, that means that any laptop with a Superfish root certificate installed will fail to flag these fake sites as forgeries. Though, Superfish has said that the program doesn’t store or share personal information.
The reports go back to September of 2014, with some even going back before September 2014. Lenovo has been working with Microsoft and McAfee to fix the problem. Lenovo has created a Superfish removal tool, but the Department of Homeland security has also issued their preferred way of removal. Lenovo has sold more than 16 million computers in the fourth quarter of 2014 with the Superfish being installed on more than 11 types of computers, including the Yoga and the Flex models.
For more information:
- CNET article: http://www.cnet.com/news/superfish-torments-lenovo-owners-with-more-than-adware/
- IGN article: http://www.ign.com/articles/2015/02/20/heres-how-to-remove-lenovos-invasive-software-from-affected-laptops
- PC World article: http://www.pcworld.com/article/2887392/lenovo-hit-with-lawsuit-over-superfish-snafu.html
- Robert Graham’s Blog: http://blog.erratasec.com/2015/02/extracting-superfish-certificate.html#.VOqfo_nF98F
- Ars Technica article: http://arstechnica.com/security/2015/02/lenovo-pcs-ship-with-man-in-the-middle-adware-that-breaks-https-connections/
- Lenovo’s Statement: http://news.lenovo.com/article_display.cfm?article_id=1929