How to Remove the Superfish Malware: What Lenovo Doesn’t Tell You

If you have a Lenovo system that includes the Superfish malware, you’ll want to remove it. Blowing away your system and reinstalling Windows is one way to do this, but while it’s a relatively straightforward process, it’s a time-consuming one. Using Lenovo’s own restore image won’t work, because that will probably reinstate Superfish anyway. Performing a clean install from Windows media will work, but you’ll have to reinstall all your software and restore all your data from backup to do the job fully.

An alternative is to remove the malware itself. Lenovo has published instructions, but at the time of writing, they’re woefully inadequate. Lenovo’s instructions describe how to remove the advertising software, but unfortunately, they don’t address the important bit: the gaping security vulnerability.

Update: Lenovo’s instructions are now much better, including all the steps we listed here, describing clean-up of both the Superfish software and the security flaw it creates. The company is going to be releasing an automated clean-up tool, too, for those uncomfortable with making the changes manually.

The Superfish root certificate can be used to create certificates for any domain, and those certificates will be implicitly trusted by the browser on any Superfish-infected system, leaving victims vulnerable to man-in-the-middle attacks. To fix this, the certificate itself needs to be removed.
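To check whether that root certificate is present in the Windows trust stores, the following PowerShell audit can be used. It is an added example, not Lenovo's tool or code from this article, and it assumes the certificate can be recognised by the string "Superfish" in its Subject or Issuer; the `-Pattern` and `-Remove` parameters are names chosen for this example.

```powershell
# Added example: audit the Windows trusted-root stores for a Superfish root certificate.
# Assumption: the certificate is recognised by "Superfish" in its Subject or Issuer.
# The article gives no thumbprint, so none is hard-coded here.
param(
    [string]$Pattern = 'Superfish',   # assumed match string (treated as a regex)
    [switch]$Remove                   # delete matches; run elevated for LocalMachine
)

# Root stores that Windows consults when deciding whether a certificate chain is trusted.
$stores = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'

function Find-MatchingRoot {
    foreach ($store in $stores) {
        Get-ChildItem -Path $store |
            Where-Object { $_.Subject -match $Pattern -or $_.Issuer -match $Pattern } |
            Select-Object @{ n = 'Store'; e = { $store } },
                          Subject, Thumbprint, NotAfter, HasPrivateKey, PSPath
    }
}

$found = @(Find-MatchingRoot)

if ($found.Count -eq 0) {
    Write-Output "No certificate matching '$Pattern' in the trusted root stores."
    return
}

# Show what was found before changing anything.
$found | Format-List Store, Subject, Thumbprint, NotAfter, HasPrivateKey

if ($Remove) {
    foreach ($cert in $found) {
        # -Confirm prompts for each certificate before it is deleted.
        Remove-Item -LiteralPath $cert.PSPath -Confirm
    }

    # Re-check so a failed or declined removal is visible.
    $left = @(Find-MatchingRoot)
    Write-Output "Matching certificates remaining: $($left.Count)"
}
else {
    Write-Output "Re-run with -Remove (from an elevated prompt) to delete the certificates listed above."
}
```

This inspects only the Windows certificate stores; applications that maintain their own trust store are not covered by it.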
