Got Lenovo?

Got Lenovo?

If you have purchased a Lenovo laptop or desktop in the past 5 months, you need to be aware of the following alert. Lenovo preinstalled an application called Superfish VisualDiscovery that is using a Komodia Root Certificate. This is on your trusted root certificate store and can easily be compromised so that an attacker can generate certificates for your favorite website. This is called a "man in the middle attack" which can manipulate you into thinking you are safe.Websites such as online banking can be easily spoofed without any warning to you, allowing hackers to get your login information to ANY website they choose to manipulate. The fix is as easy as downloading the uninstaller from Lenovo located here:

Lenovo Superfish Fix

We recommend stopping whatever you are doing on the web until you have fixed this issue if you have one of the affected systems. The link to the US Cert advisory is here:

https://www.us-cert.gov/ncas/alerts/TA15-051A

If you are using any of the affected system, we recommend performing the removal of Superfish, then after rebooting, changing your passwords to any sites you have visited while using your Lenovo system.

View all blog posts »