The adware is reportedly capable of intercepting and hijacking SSL/TLS connections to websites by installing a self-signed certificate authority on affected machines. Called Superfish Visual Discovery, the software appears to have installed a self-signed root certificate authority, which allowed it to conduct a man-in-the-middle attack and view the contents of any encrypted connection. Now, what would happen if some criminal-minded hacker could use Superfish’s encryption methods and abuse them to intercept other people’s traffic? Nothing too good, that’s for sure. And it seems that the installation of Superfish onto new Lenovo laptops wasn’t even done properly, as many complained the software was interfering with other digital certificates and smart card readers.
Infected with Superfish AdWare? Here’s what you can do
First of all, you need to check whether your Lenovo device is infected or not. At the time of writing, Lenovo has issued an official statement saying that only some consumer notebook products shipped between October and December have been affected. Looking at various reports from users around the web, it seems only the Lenovo P, Y & Z series are affected, while Yoga and ThinkPad models are unaffected. [Update: Lenovo says even the E, Flex, G, M, S, U and Yoga series models are affected as well]
But go ahead and access this website (via @supersat), which will run a very simple Superfish CA test. You can also check Can I Be Super-Phished: if you can access the website without any requirements, then it means you are vulnerable. To make it clear, you are vulnerable only if you DON’T get a warning.
Now, if you have been affected, you first need to understand that the only sure remedy would be to reinstall Windows from a non-Lenovo image or move to another operating system. Uninstalling the Superfish software can reportedly leave the root certificate authority behind, but if you’re sure you want to do it, here are the steps you need to take:
However, it seems that Lenovo has taken some actions to prevent this, but it could be a little too late. Here’s what you need to know:
- Superfish has completely disabled server side interactions (since January) on all Lenovo products, thus disabling Superfish for all products in market
- Lenovo stopped preloading the software in January
- The company will not preload this software in the future
But this doesn’t answer whether a hacker can misuse the already installed fake certificates. Hence, follow the steps above to stay safe. This should be a good lesson to all electronics makers out there. They should really respect a simple rule of business – when somebody buys your product, it belongs to them, and you shouldn’t ‘dare’ to infiltrate it with all sorts of dubious cash-making tools.
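To check whether the Superfish root certificate authority is still installed, for example after uninstalling the software, the following PowerShell script lists matching certificates in the Windows certificate stores. It is an added example, not part of the original article or of Lenovo's instructions, and it assumes the certificate's subject or issuer contains the name "Superfish"; it only reads the stores and removes nothing.

```powershell
# Added example: list certificates in the Windows trust stores whose subject
# or issuer names Superfish. Read-only; nothing is deleted or changed.
# Assumption: the leftover CA carries "Superfish" in its subject or issuer.
$pattern = 'Superfish'

# Stores that can make a certificate trusted as an issuer, checked for both
# the machine and the current user.
$stores = foreach ($location in 'LocalMachine', 'CurrentUser') {
    foreach ($name in 'Root', 'AuthRoot', 'CA') {
        "Cert:\$location\$name"
    }
}

$hits = foreach ($store in $stores) {
    # Skip any store that does not exist on this system.
    if (-not (Test-Path -Path $store)) { continue }

    Get-ChildItem -Path $store |
        Where-Object { $_.Subject -match $pattern -or $_.Issuer -match $pattern } |
        ForEach-Object {
            [pscustomobject]@{
                Store      = $store
                Subject    = $_.Subject
                Issuer     = $_.Issuer
                # A root CA is self-signed: subject and issuer are identical.
                SelfSigned = ($_.Subject -eq $_.Issuer)
                NotAfter   = $_.NotAfter
                Thumbprint = $_.Thumbprint
            }
        }
}

if ($hits) {
    Write-Warning "Found $(@($hits).Count) certificate(s) matching '$pattern':"
    $hits | Format-List
} else {
    Write-Output "No certificate matching '$pattern' found in the checked stores."
}
```

Browsers that keep their own certificate store, such as Firefox, are not covered by this check and need to be inspected separately.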