Lenovo today released a new tool that removes Superfish software completely from affected Lenovo PCs.
“Going forward, we feel quite strongly that we made a significant mistake here, or we missed something here,” Hortensius said. “We have procedures… where we asked the right questions, but we clearly didn’t do a thorough enough job on this. And we’re going to do a very deep investigation in what we do to make this better. We intend to do that work, and come back and let our users have input into what we need to do… and how we make sure we don’t ever repeat this again.”
“At the end of the day, we’re seeing clearly that we messed up,” Hortensius said.
PCs that may have included Superfish adware:
- G Series: G410, G510, G710, G40-70, G50-70, G40-30, G50-30, G40-45, G50-45
- U Series: U330P, U430P, U330Touch, U430Touch, U530Touch
- Y Series: Y430P, Y40-70, Y50-70
- Z Series: Z40-75, Z50-75, Z40-70, Z50-70
- S Series: S310, S410, S40-70, S415, S415Touch, S20-30, S20-30Touch
- Flex Series: Flex2 14D, Flex2 15D, Flex2 14, Flex2 15, Flex2 14(BTM), Flex2 15(BTM), Flex 10
- MIIX Series: MIIX2-8, MIIX2-10, MIIX2-11
- YOGA Series: YOGA2Pro-13, YOGA2-13, YOGA2-11BTM, YOGA2-11HSW E Series: E10-30
Lenovo is now working directly with Superfish and with other industry partners to ensure they address any possible security issues now and in the future. They are already working with McAfee and Microsoft to have the Superfish software and certificate quarantined or removed using their industry-leading tools and technologies. These actions have already started and will automatically fix the vulnerability even for users who are not currently aware of the problem.
Detailed information on these activities and tools for software removal are available here:
By the end of this month, Lenovo will announce a plan to help lead Lenovo and the industry forward with deeper knowledge, more understanding and even greater focus on issues surrounding adware, pre-installs and security.