Important information for Lenovo computer owners.
Last week it was revealed some Lenovo laptops were sold with a piece of software called Superfish that allows serious vulnerabilities.
Lenovo has released a list of affected products:
- E-Series: E10-30
- Flex-Series: Flex2 14, Flex2 15, Flex2 14D, Flex2 15D, Flex2 Pro, Flex 10
- G-Series: G410, G510, G710, G40-30, G40-45, G40-70, G40-80, G50-50, G50-45, G50-70, G50-80, G50-80Touch
- Lenovo Edge 15
- Miix-Series: Miix2 – 8, Miix2 – 10, Miix2 – 11, Miix 3 - 1030
- S-Series: S310, S410, S415, S415 Touch, S435, S20-30, S20-30 Touch, S40-70
- U-Series: U330P, U430P, U330 Touch, U430 Touch, U540 Touch
- Y-Series: Y430P, Y40-70, Y40-80, Y50-70, Y70-70
- Yoga-Series: Yoga2-11, Yoga2-13, Yoga2Pro-13, Yoga3 Pro
- Z-Series: Z40-70, Z40-75, Z50-70, Z50-75, Z70-80
Even if your Lenovo computer isn’t listed, you can double-check by using a Superfish checker like this one from LastPass.
Lenovo has released an automated tool to remove the software, alongside a set of instructions if you’d prefer to do it manually.
According to Lenovo, Superfish was designed to “assist customers with discovering products similar to what they are viewing”. In reality this meant it was forcing advertisements into your browsing sessions without your knowledge. These ads would usually be inserted into search results but looked like they were part of the page.
This is sometimes called a “Man in the Middle” vulnerability, as someone has inserted themselves between you and the page you wanted without you noticing. This sort of vulnerability can be used by scammers to show you a fake website instead of what you were expecting.
For example, if you tried to go to a bank website, the scammer could deliver you a page that looked identical and even had the correct URL, but was not the actual page. It could then record your log in details. What made matters worse is that the encryption keys were easy to crack and were the same for every system, so once hackers had one, they could gain access to all affected computers.
If you own an affected computer you should change all your log in details to all sites immediately.