Lenovo, the world’s largest computer vendor is shipping adware and spyware-infected computers. The China-based company has been installing an adware and spyware called Superfish on its consumer computers that injects third-party ads on Google searches, TNW reports. The adware in question seems to affect most of the popular Web browsers including Chrome and Internet Explorer.
The company was notified of the unusual and unwanted behavior of Superfish back last month, after which the computer vendor temporarily removed the adware from the system.
“We have temporarily removed Superfish from our consumer systems until such time as Superfish is able to provide a software build that addresses these issues. As for units already in market, we have requested that Superfish auto-update a fix that addresses these issues,” wrote Mark Hopkins, a Lenovo community administrator.
The company had also pointed out that Superfish is installed on its computers to help users discover best deals. It “helps users find and discover products visually” and “instantly analyzes images on the web and presents identical and similar product offers that may have lower prices.” While not being as straightforward, the software also gives users the ability to disable by simply refusing to accept the terms and agreements.
A couple of things about that:
- Typically, these bloatware tools are shipped with the computer. When a user turns it on, it is already there.
- A user expects that the software the company has pre-installed on the system are useful and are placed there to enrich the overall experience.
But that doesn’t end there. Several users have also pointed out on the company’s forum that the adware installs its own self-signed certificate authority, which could allow it to eavesdrop on secured connections. If this is actually what’s happening — which seems likely from the screenshots and other details users have shared — Superfish is doing much more than just inserting ads on Google searches.
Superfish has been identified as an adware as well as spyware by many security suites.