Microsoft has updated their Malicious Software Removal Tool to recognize and remove the Superfish adware that was added to many Lenovo PCs by the manufacturer. The dangerous thing about the Superfish software is that it replaces the security certificates on the PC with its own and could make computers vulnerable to attack.
Microsoft added detection and a repair solution for Superfish and also shared information about the detection with their partners to help clean up the issue across the industry. The clean-up is specifically for Lenovo machines, since they are the only place this particular version of Superfish is installed.
According to numbers from Microsoft, at the peak of the removal process, some 60,000 machines per day were detecting and removing the Superfish program.
If you aren’t familiar with Superfish, the program puts ads onto web sites while you browse the web. If you happen to be looking at a site about shoes, it will display extra advertisements featuring shoes. While this could be annoying, it’s not normally a security risk. The particular version of Superfish installed on the Lenovo PCs, however, has a security vulnerability in a self-signed root certificate that could make it appear as if an insecure site was indeed secure. Users could have their HTTPS traffic modified or hijacked. Personal data and passwords could have been stolen from banking, e-mail and other sites.
It could also make unknown executable files appear to be safe. Microsoft gives the following example of how a suspicious file might appear on a computer without Superfish and how it could be disguised on one running Superfish.
If you run Microsoft Security Essentials or Windows Defender, this issue is already resolved if you are set to receive automatic updates. If not, now is a good time to run Windows updates. If you use third-party security software, the latest updates to that software should take care of the issue.
If you’re using Firefox, you can download their Superfish removal tool by clicking here.
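To confirm that the Windows clean-up described above actually removed the root certificate, you can audit the trusted-root stores yourself. The script below is an added example, not Microsoft's or Lenovo's tooling; the function name is hypothetical, and it assumes the certificate can be recognised by the string "Superfish" in its subject or issuer.

```powershell
# Added example: audit the Windows trusted-root stores for a leftover root certificate.
# Assumption: the certificate is recognisable by "Superfish" in its subject or issuer.
function Find-TrustedRootByName {
    param(
        [string]$Name = 'Superfish'   # assumed match string
    )
    # Treat the name as literal text, not as a regular expression.
    $pattern = [regex]::Escape($Name)
    # Both the machine-wide and the per-user root stores are trusted by Windows.
    $stores = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'
    foreach ($store in $stores) {
        if (-not (Test-Path -Path $store)) { continue }
        Get-ChildItem -Path $store |
            Where-Object { $_.Subject -match $pattern -or $_.Issuer -match $pattern } |
            ForEach-Object {
                [pscustomobject]@{
                    Store      = $store
                    Subject    = $_.Subject
                    SelfSigned = ($_.Subject -eq $_.Issuer)
                    Thumbprint = $_.Thumbprint
                    NotAfter   = $_.NotAfter
                }
            }
    }
}

$hits = @(Find-TrustedRootByName)
if ($hits.Count -eq 0) {
    Write-Output 'No matching certificate in the machine or user trusted-root stores.'
} else {
    $hits | Format-List
    Write-Warning "$($hits.Count) matching trusted root(s) still installed; update and re-run your security software."
}
```

Firefox keeps its own certificate store, which this check does not inspect.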