Lenovo is in hot water today after a significant security hole was unearthed, potentially affect its entire consumer PC range.
Superfish, an adware program that ships with all consumer PCs from Lenovo, uses a man-in-the-middle certificate to inject ads into internet browsers. If compromised, the service could grant third-parties access to a user’s browser data.
We contacted Lenovo for comment but did not hear back from the company at the time of writing.
Writing on a customer forum in January, company representative Mark Hopkins confirmed customers’ suspicions that Lenovo pre-loads software from the ‘visual search’ company, as The Next Web reported. He further explained that the software had been “temporarily removed” due to “some issues,” which apparently included unexplained pop-ops. Superfish had been told to push an update to existing devices in the market, he added.
Pre-installs are unpopular with consumers, who understandably want their devices to be clean running out of the box, but in reality some…
View original post 249 more words