Scan for Lenovo 'Superfish' threat

Started by endfire79, March 01, 2015, 11:47:20 AM


endfire79

Some of you may have heard about the recent security issue with some of Lenovo's pre-installed software on their computers (called Superfish).

http://www.avg.com/campaign-landing-pages/ww-en/lenovo-superfish-1

From AVG's information site:

Superfish is a piece of software that Lenovo has admitted to pre-installing on many of its laptops to "enhance the shopping experience" of its users. However, the U.S. Computer Emergency Readiness Team calls Superfish a "man-in-the-middle attack" because of how it "intercepts users' web traffic to provide targeted advertisements."

Superfish snoops in on your web browsing and secretly slips ads into webpages. But the really dangerous part is that it's pre-installed with root certificate authority, which allows it to impersonate any server's security certificate. If this certificate is compromised by hackers, you could be tricked into logging in to a fake website and giving hackers your password. Because of Superfish, any of your accounts—including encrypted bank accounts—could be easily compromised.

Lenovo has stepped up and admitted the security threat and has released documentation on how to clean up the problem from their affected computers. They have also released a tool that can facilitate this:

Link: http://support.lenovo.com/en/product_security/superfish_uninstall

Link 2 (AVG site, same tool): http://www.avg.com/campaign-landing-pages/ww-en/lenovo-superfish-1

Now, you may also ask if there is a way to remove the unwanted software changes without using Lenovo's own tool. The answer is that there is usually some way to remove software changes without resorting to third-party software. The guide is similar to what's presented on Lenovo's site. You are mainly removing the adware and then removing the problematic certificate from Windows Certificate Manager and your Internet browser.

Link:

https://filippo.io/Badfish/removing.html


A test to scan and detect if the issue is present on your browser (needs to be run using each type of browser).

Link: https://filippo.io/Badfish/


In general, I try to avoid installing any vendor software like this that comes pre-packaged with the laptop/desktop/tablet (any manufacturer). It reduces the risk a lot, and the software is usually not very helpful anyways.

Cheers
"I will return before you can say 'antidisestablishmentarianism'."

"A man may fight for many things. His country, his principles, his friends. The glistening tear on the cheek of a golden child. But personally, I'd mud-wrestle my own mother for a ton of cash, an amusing clock and a sack of French porn."
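
One way to check the Windows certificate stores for the certificate the post describes, as an added example that is not part of the original post or of Lenovo's tool. It assumes the certificate can be recognised by "Superfish" in its subject or issuer; the `-Pattern` and `-Remove` parameters are names made up for this example.

```powershell
# Added example: audit the Windows trusted-root stores for a Superfish certificate.
# Assumption: the certificate has "Superfish" in its subject or issuer field.
param(
    [string]$Pattern = 'Superfish',  # assumed match string, not a value from the post
    [switch]$Remove                  # delete matches (elevated prompt needed for LocalMachine)
)

# Machine-wide and per-user stores that Windows treats as trusted roots.
$stores = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root',
          'Cert:\LocalMachine\AuthRoot', 'Cert:\CurrentUser\AuthRoot'

$found = foreach ($store in $stores) {
    if (-not (Test-Path $store)) { continue }
    Get-ChildItem -Path $store |
        Where-Object { $_.Subject -like "*$Pattern*" -or $_.Issuer -like "*$Pattern*" } |
        ForEach-Object {
            [pscustomobject]@{
                Store      = $store
                Subject    = $_.Subject
                Thumbprint = $_.Thumbprint
                NotAfter   = $_.NotAfter
                PSPath     = $_.PSPath
            }
        }
}

if (-not $found) {
    Write-Output "No certificate matching '$Pattern' found in the checked stores."
    return
}

# Show every match so it can be compared with what certmgr.msc displays.
$found | Format-Table Store, Subject, Thumbprint, NotAfter -AutoSize

if ($Remove) {
    foreach ($cert in $found) {
        # -Confirm asks before each deletion, so nothing is removed silently.
        Remove-Item -Path $cert.PSPath -Confirm
    }
}
```

Firefox keeps its own certificate store, which this script does not read, so the browser still has to be checked separately.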