Superfish software on your Lenovo notebook? Take it off
February 27, 2015
You may have seen news stories about Superfish software on Lenovo notebooks. Lenovo began pre-installing Superfish on some notebooks in September 2014.
The software makes it easier for hackers to access your personal information, even when you’re visiting a website, such as a bank’s website, that uses HTTPS to encrypt the transmission of sensitive information, said Aditi Jhaveri, consumer education specialist for the Federal Trade Commission.
Although Lenovo has announced that they’ve discontinued pre-installing Superfish on its notebooks, some Lenovo notebooks sold today may still have Superfish pre-installed. So, if you purchased a Lenovo notebook any time since September 2014, your computer may be vulnerable to security threats.
Remove Superfish. It’s important to remove both the Superfish software and the Superfish certificate – simply uninstalling the software won’t protect against the security vulnerabilities. To remove both the software and certificate, follow the instructions from the U.S. Computer Emergency Readiness Team, download and run Lenovo’s Automatic Removal Tool, or use Lenovo’s manual instructions.
Change your passwords as soon as possible. It's possible that a hacker could have stolen your passwords by exploiting Superfish vulnerabilities. Keep the FTC’s tips in mind as you create new passwords.
Be cautious about using public Wi-Fi networks. It’s good advice anytime, but especially before you’ve run the removal tool. The vulnerabilities created by Superfish software may let attackers see your private data on unsecured networks.
Watch for unusual activity on your computer and your accounts. Do you think your email or social media account has been hacked? If so, take these steps.
Review your credit card and bank account statements regularly. Look for signs of identity theft. Do you see charges you don’t recognize? If so, contact your bank or credit card provider immediately and ask to speak to the fraud department.
Comments
You can follow this conversation by subscribing to the comment feed for this post.