it.ucsf.edu

Security Update:Some Lenovo Laptop Users Vulnerable to Cyber Attacks Due to Adware Software

Status Type

Security Update

Date and Time

Tuesday, February 24, 2015 - 16:46

Reason

Security Vulnerability

Impact

Lenovo personal computer users

WHAT HAPPENED?

As of September 2014, computer manufacturer Lenovo began shipping Windows laptops preloaded with adware, Superfish VisualDiscovery. This adware makes users vulnerable to cyber attacks; such as viewing data encrypted with SSL technology.

Advanced Users: For a complete description of the vulnerability refer to US Computer Emergency Response Team’s Alert (TA15-051A) - Lenovo Superfish Adware Vulnerable to HTTPS Spoofing at https://www.us-cert.gov/ncas/alerts/TA15-051A.


AFFECTED SYSTEMS:

  • Lenovo personal computers acquired after August 2014



WHAT'S THE PROBLEM?

Remote attackers can read encrypted web traffic, redirect traffic from official websites to forged websites, and perform other attacks.


HOW DO I PROTECT MY COMPUTER?

Although Lenovo has stated they have discontinued the practice of pre-installing Superfish VisualDiscovery, the systems that came with the software already installed will continue to be vulnerable until corrective actions have been taken.


Uninstall Superfish VisualDiscovery and associated root CA certificate

 

  1. If you are supported by ITFS or have different IT support, no action on your part is required.
  2. If you do not have IT support or they do not support your computer, refer to US Computer Emergency Response Team’s Alert (TA15-051A) - Lenovo Superfish Adware Vulnerable to HTTPS Spoofing at https://www.us-cert.gov/ncas/alerts/TA15-051A on how to uninstall the software and remove the certificate.



RELATED LINKS