How Companies Are Responding To Lenovo's Superfish Adware
Lenovo and other organizations are taking steps to mitigate the risk posed by Superfish. Superfish’s developers? Not so much.By Evan Thomas | February 21, 2015
Lenovo is working to remove a computer security hole represented by Superfish, a bit of pre-installed adware that can do much worse than just serve pop-ups.
Superfish compromises the certificates used to secure web traffic by writing its own in place of legitimate ones. Superfish uses it to serve ads, but by replacing that certificate, it opens certain Lenovo computers to what’s known as a man-in-the-middle attack.
Web security experts justifiably freaked out when the news broke this week. With Superfish, any web traffic sent or received on affected machines could be intercepted or copied.