Lenovo Caught Installing Pervasive Superfish Adware That Makes Its PCs Vulnerable To Hackers

Purchasing a new laptop can sometimes be a chore. For starters, simply finding one that's "right for you" takes time and effort, and once you do find it, you know that the "chore" part isn't over. Once you get that baby home, you'll have to begin mentally preparing yourself for the inevitable bloatware removal.

Bloatware is nothing new, and by this point, it's a given. Our notebooks could be more expensive if not for bundled apps, so for some, taking a few minutes to uninstall whatever's included might not seem like a bit deal. However, it's been discovered that Lenovo has been pushing boundaries a little bit too far -- some of its bloatware is outright adware.

The issue first began to hit Lenovo's user forums last month, and after the first person came and complained, a torrent of other users followed. The adware in question is called Superfish, and what it does is inject advertising into some websites and search engines. Based on what's known right now, Superfish will work in both Internet Explorer and Google Chrome.

Lenovo Yoga

The reason for the Superfish inclusion is obvious: It helps line Lenovo's pockets. But this particular piece of bloatware isn't at all kosher: It actually utilizes its own security certificate so that it can snoop on secure connections (any https:// website). That instantly makes the bloatware much worse than simple adware. It instead becomes a severe security threat.

While Lenovo has said that it's removed Superfish from currently-shipping notebooks, it hasn't ruled out a return. Should Superfish revise itself to be less intrusive, Lenovo will put it back.

I've always considered Lenovo to be a top-rate notebook brand, but with this, I can say that the name has definitely been tainted for me.


Via:  The Next Web
Show comments blog comments powered by Disqus