A couple weeks ago, news broke that almost all Lenovo laptops shipped between September 2014 and January 2015 came pre-loaded with a sneaky little piece of adware called Superfish. It was no mistake: Lenovo intentionally used it to inject ads for Lenovo products into web searches.
The intended use is questionable at best, but it turns out the software also has a gaping security hole that can be exploited to access your secure browser data—passwords, bank info, and more.
Lenovo laptop owners would be especially vulnerable if they’re on a shared network, like a coffee shop's open WiFi hotspot. From there, a hacker would be able to exploit Superfish to do things like intercept your credit card account password or read your emails.
Lenovo stopped pre-installing Superfish in January, but millions of users may be open to attack—including buyers of machines like the new Lenovo Yoga 3 Pro. But it only takes a minute to check your machine and make sure you're protected. We’ll give you the lowdown on how to do just that.
Finding and Removing Superfish
If you want a quick fix, Windows has released an update to Windows Defender that will root out Superfish for you. Unless you use Firefox or Thunderbird, in which case you’ll have to follow the steps below to root out the certificate storage used specifically by those browsers.
If you’d rather take the initiative yourself—and you should, just to be sure—follow our step-by-step guide below.
First things first: Let's find out if your Lenovo has Superfish installed. LastPass has a great web browser tool that will give you a clear indicator for whether or not you should be worried.
If you get the all-clear, then you’re done! You have nothing to worry about. But if you get some bad news from LastPass, keep reading and we’ll get you through the steps needed to get rid of this pesky software.
1. Uninstall Superfish
- Click the Windows Start button, or swipe from the right
- Search and launch uninstall program
- Right-click on Superfish Inc VisualDiscovery and select Uninstall
2. Uninstall certificates installed by Superfish
- Navigate to the Search button again and type certmgr.msc into the field
- Launch the certmgr.msc program
- Click on Trusted Root Certification Authorities, then Certificates
- Look for any certificates that mention Superfish Inc
- Right-click on any of those certificates and delete
- Restart your browser
(If you use Firefox or Thunderbird, go to step 3. If not, you're all done.)
3. Remove browser and mail client certificates
- In Firefox and/or Thunderbird, go to Preferences > Advanced > Certificates
- Select "View Certificates"
- Same as before: Search for any sign of Superfish, right click and delete
That’s it! You should be all set, but make sure to check LastPass again to make sure it gives you the all-clear.