Security researchers recently discovered that Lenovo PCs came preloaded with a piece of software called Superfish Visual Discovery, which manipulates advertisement to appear in your web browser, including in Chrome and Internet Explorer.
The Superfish adware is capable of creating a root certificate in Windows and resign all SSL certificates presented by HTTPS websites with its own certificate, which in technology is define as a man-in-the-middle attack.
While Lenovo is no longer installing the adware in its computers, this security hole could allow attackers to gain access to user’s private data, including bank information, passwords, and much more.
Today after the level of concern from consumers is raising, Lenovo has issued a simple method to remove the Superfish adware.
How to remove Superfish from your PC
-
Open Control Panel and then head over to Uninstall a Program.
-
Select Visual Discovery and click Uninstall.
-
According to the company that is all you need to do to address the issue and said “We have thoroughly investigated this technology and do not find any evidence to substantiate security concerns.”
However, the issue isn’t completely addressed by this simply fix as the bad certificate will stay stored in Windows. So, to get removed the certificate, you’ll need to launch the Microsoft Management Console (mmc.exe) as an administrator and perform the following steps:
-
Navigate File > Add/Remove Snap-in.
-
Select Certificates and click Add.
-
Select Computer Account and click Next.
-
Select Local Computer and click Finish.
-
Click OK.
-
Look under Trusted Root Certificate Authorities > Certificates.
-
Find the certificate issued Superfish and delete it.
Now that you have done performing the above steps, there will be some Superfish registry entry in Windows, but they are likely to be harmless.
Another thing you could do is to run CCleaner to clean your Windows registry. You can download the free utility here.
Finally, if you’re using Google Chrome or Firefox as your web browser of choice, there could be a chance that you still have a copy of the suspicious certificate.
How to delete Superfish from Firefox
On the address bar type:
about:preferences#advanced
A menu will appear, choose Certificates and the View Certificates. Look for Superfish in the list of Authorities and delete it.
How to delete Superfish from Google Chrome
Go to Settings > Advanced Settings > HTTPS > SSL > Manage Certificates. In the Certification Manager, go to Authorities and look for Superfish, and delete it. If the delete button is not available, choose edit and uncheck all the “Trust this certification” radio button.
Lastly, to make sure that Superfish is no longer an issue, go to Superfish CA test website.
This procedure will take care of the Superfish adware issue, however Lenovo has yet to release a comprehensive tool to deal with this problem.
Update: Lenovo offers a more extensive procedure to remove the adware from PCs. Up on checking the instructions, I can confirm that the steps mentioned in this guide are accurate, and even goes further with extra steps to take care of the bad certificate cached in Chrome and Firefox.
Source ZDNet