An adware called Superfish is making big waves currently on the Internet after news spread that PC manufacturer Lenovo shipped some -- it is still not clear which devices are affected -- consumer PC models with the software preinstalled.
The core purpose of Superfish is to display advertisement to users based on what they are looking at in web browsers. It injects advertisement on web pages that users visit in browsers.
While that is bad enough, it is only part of the reason why Superfish is universally condemned currently. What is even more problematic than that is that the program installs a root certificate on the system. This is done by the software to gain access to https traffic as well, something which it would not otherwise be capable of.
The certificate was cracked recently which means that attackers can exploit it for man in the middle attacks.
Lenovo posted Superfish removal instructions yesterday but it is not the only company that sprang into action after the news broke.
Microsoft for instance updated Windows Defender, the built-in Windows security program to detect the Superfish certificate and VisualDiscovery program so that affected users can remove it from their systems using it.
Filippo Valsorda posted a screenshot of Windows Defender detecting Superfish on Twitter today.
Microsoft has not confirmed the integration yet but an update to the program's definition file was released today by the company.
You can check for the update manually in Windows Defender or download the most recent definition files from this page on the Microsoft website.
LastPass, makers of the popular password manager of the same name, have published Superfish Checker, a page on their website which detects whether Superfish is installed on the computer you are accessing the page with.
Besides checking whether you are affected or not by it, it lists removal instructions for the program and certificate.
The company is not the only one that published an online check tool. You can also use the Superfish CA test instead which tells you if the certificate is installed on your system. It recommends to perform the check with all browsers installed on the system.
If you are affected, you may also want to check out the removal instructions on the EFF website which offers a detailed guide to remove the Superfish software and certificate.
The whole Superfish incident turned quickly into a PR disaster for Lenovo. While the issue was first reported on tech sites (well actually first on the Lenovo forum some time ago) it was quickly picked up by newspapers worldwide.
Update: Lenovo has published a list of affected products (stating that they may be affected):
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.