SuperFish Vulnerability in Lenovo Notebook products

The company Lenovo has admitted to have a HIGH severity vulnerability with the name SuperFish, which affects several models of notebook products and comes from the inclusion of the SuperFish software in the Windows OS that comes installed in those products.

This software inserts unwanted publicity in the Internet browsers, and was included by this manufacturer in some notebook computers between September 2014 and February 2015.

SuperFish includes the library “Komodia Redirector and Komodia SSL Digestor”, which installs a universal self-signed root certificate that exposes the equipment to a “man in the middle” attack with the possibility of password and sensitive information interception.

The notebook models that Lenovo has signaled as affected by this vulnerability are:

E-Series: E10-30

Flex-Series: Flex2 14, Flex2 15, Flex2 14D, Flex2 15D, Flex2 Pro, Flex 10

G-Series: G410, G510, G710, G40-30, G40-45, G40-70, G40-80, G50-50, G50-45, G50-70, G50-80, G50-80Touch

Edge Series: Lenovo Edge 15

Miix-Series: Miix2 – 8, Miix2 – 10, Miix2 – 11, Miix 3 - 1030

S-Series: S310, S410, S415, S415 Touch, S435, S20-30, S20-30 Touch, S40-70

U-Series: U330P, U430P, U330 Touch, U430 Touch, U530 Touch

Y-Series: Y430P, Y40-70, Y40-80, Y50-70, Y70-70

Yoga-Series: Yoga2-11, Yoga2-13, Yoga2Pro-13, Yoga3 Pro

Z-Series: Z40-70, Z40-75, Z50-70, Z50-75, Z70-80

Antivirus like Kaspersky, Segurmatica and others, identified this program in the category of Adware.

Recommendations:

It is recommended that all users as well as entities remove this software from their PCs. Lenovo offers instructions to completely remove this vulnerability on the following link:

http://support.lenovo.com/mx/es/product_security/superfish_uninstall

 

In order to uninstall this software:

Remove the SuperFish Inc. Visual Discovery software from the installed programs.

Remove the SuperFish certificate from the Windows Certificate Store.

Remove the SuperFish certificate from each of the browsers used in the PC.

Another alternative is to install a new clean copy of Windows OS in the PC.

Notes:

Adware: Software that automatically shows web publicity to the user while it is being installed or while it is running. 'Ad' in the word 'adware' means 'advertisement'.

 References:

The Lenovo official statement is available on:

http://support.lenovo.com/mx/es/product_security/superfish

More information on:

http://unaaldia.hispasec.com/2015/02/portatiles-lenovo-con-malware-de-regalo.html

English