February 19, 2015
From Lenovo itself they have confirmed the inclusion of Superfish in their computers. Although since the end of January they have decided to eliminate them in the new units, some of the PCs that are already on the market still include it. What security threats are we talking about? Not just from annoying advertisement, but from something potentially more serious: It installs its own root certificate that could potentially cause man-in-the-middle attacks every time you visit a secure site.
In principle, Superfish injects third-party advertising into your browsing. Imagine you search for something on Google. Automatically, and on the same page, a “Powered by VisualDiscovery” module appears in which they include advertisements. This advertising, although it is shown on Google, does not belong to the search engine, but it is Superfish that is forcibly putting it on the websites you visit.
Not only that, but some users complain that some websites, by injecting this malware into them, stopped being seen correctly.
via Controversy with Lenovo and its factory-installed malware on their computers: we explain how to remove it.
[+] Videos de nuestro canal de YouTube