Lenovo CTO admits they messed up; releases guide to fix Superfish adware on laptops

Seems like finally the people who own laptops from Lenovo can take a break. Recently, news broke out that  Lenovo had pre-installed Superfish , a virus-like software which made laptops vulnerable to hackers. Though the company said that they would stop pre-installing this software, they have also released a tool to help users remove the adware from their laptops.

Lenovo has published its step-by-step guide for users to manually fix the adware. The report also added that to make sure the fix works, any Superfish-affected Windows user should update their version of Windows Defender within the program and scan it to the earliest.

Lenovo CTO Peter Hortensius has admitted to Re/Code that “We messed up.”

The problem stems from the fact that Superfish intercepts web traffic, including secure traffic, using a self-signed security certificate that could be used by attackers. He also added that, “We should have known going in that that was the case. We just flat-out missed it on this one, and did not appreciate the problem it was going to create.”

In an official  statement  released by the company, they said that, “We are working with McAfee and Microsoft to have the Superfish software and certificate quarantined or removed using their industry-leading tools and technologies.

Superfish is present on Lenovo laptops sold between September 2014 and January 2015. However, the company says that no Thinkpads were shipped with the adware.

Microsoft has also released a signature update for Windows Defender, the anti-malware software that’s built into Windows to enable it to both detect and remove the Superfish malware. The Verge also said that Windows Defender will reset any SSL certificates that were circumvented by Superfish and will restore the system to proper working order.