Lenovo had a rough go of it over the past few weeks. First, news broke that Lenovo had installed Superfish (widely regarded as adware) on some of its notebooks. As public outcry mounted, Lenovo offered a public apology and provided customers with instructions for removing Superfish. But all the negative publicity isn’t Lenovo’s only headache now: someone claiming to be a customer affected by the software has filed a lawsuit against Lenovo in California. And, they’re aiming for class-action status.
The plaintiff in the case is Jessica Bennett, who suspected that her computer had adware on it and discovered Superfish. As we reported earlier, one of the aspects of Superfish that customers like Bennett object to is that the software can make use of a security certificate to glean information about secure (https://) website connections.
In addition to apologizing, Lenovo CTO Peter Hortensius said in an open letter that the company has stopped shipping notebooks with Superfish. “This software frustrated some users without adding value to the experience so we were in the process of removing it from our preloads. Then, we saw published reports about a security vulnerability created by this software and have taken immediate action to remove it,” Hortensius states.
Lenovo’s actions include providing a program that customers can use to remove Superfish and alerting McAfee, Microsoft, and Symantec. All three of those companies have updated their security software to spot and remove Superfish. If you recover your system image from the recovery partition, you’ll have Superfish again, but the security software should catch it and pull during the first scan.
Superfish seems to have been installed only on consumer notebooks, which means most businesses probably aren’t affected. “While this issue was limited to our consumer notebooks and in no way impacted our ThinkPads; any tablets, desktops or smartphones; or any enterprise server or storage device, we recognize that all Lenovo customers may have an interest in where we are and what is next,” Hortensius said in the statement.
Until now, Lenovo has had a strong reputation, particularly when it comes to the company’s notebooks. Hortensius seems eager to repair the damage Lenovo’s reputation has suffered, particularly in the area that led to this debacle: the preinstalled software, often known as bloatware. Hortensius promises to work on “creating a cleaner PC image (the operating system and software that is on your device right out of the box).”