How to Remove Superfish Adware From Your Lenovo Computer
We recently learned that PC manufacturer Lenovo is selling computers preinstalled with a dangerous piece of software, called Superfish, that uses a man-in-the-middle attack to break Windows' encrypted Web connections for the sake of advertising. (Here's a list of affected products.) Research from EFF's Decentralized SSL Observatory has seen many thousands of Superfish certificates that have all been signed with the same root certificate, showing that HTTPS security for at least Internet Explorer, Chrome, and Safari for Windows, on all of these Lenovo laptops, is now broken. Firefox users also have the problem, because Superfish also inserts its certificate into the Firefox root store.
This is a serious security issue. For example, shortly after this news became widespread, security researcher Robert Graham was able to extract the certificate from the Superfish adware and quickly crack its password. With this password, a malicious attacker would be able to intercept encrypted communications on the same network (like at a cafe Wi-Fi hotspot).
To find out if this issue affects you, go to Filippo Valsorda's Superfish CA test page in Internet Explorer or Chrome first. If you see a "YES," follow these instructions (courtesy of Valsorda and from Lenovo's instructions) for removal:
Step I: Uninstall the Superfish software
- Open the Windows Start menu or Start screen and search for Uninstall a program. Launch it.
- Right-click Superfish Inc VisualDiscovery and select Uninstall. When prompted, enter your administrator password.
Step II: Remove the certificate from Windows
- Open the Windows Start menu or Start screen and search for certmgr.msc. Right-click it and select Launch as Administrator.
- Click Trusted Root Certification Authorities and open Certificates.
- Scroll down or use find to get to the Superfish, Inc. certificate.
- Right-click it and select Delete. If you don’t see the option to delete it, you may not be running as an administrator (see step 1).
Step III: Remove the certificate from Firefox
This might or might not be needed, but check to be sure.
- Go to Options/Preferences.
- Click Advanced, then Certificates.
- Click View Certificates.
- Look for Superfish. If it's there, click it and then click Delete or Distrust.
Step IV: Restart your browser
Close or quit your Web browser(s) completely. You can also restart your computer.
Step V: Check again
Load the test page again from both Chrome/IE and from Firefox and make sure you get a No this time.
Note: The test might still be stuck on the old result. If after you follow the steps to remove Superfish you still get a YES, visit canibesuperphished.com. If you are warned by your web browser before you can access the site, Superfish has been successfully removed.
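The Step II lookup and deletion can also be scripted, which helps when checking more than one machine. The following is an added example, not part of the original guide or Lenovo's instructions; the `-Remove` and `-Pattern` parameter names are assumptions of this example, and it matches only on the "Superfish" name the guide tells you to look for.

```powershell
#Requires -Version 3.0
# Added example: audit the Windows root stores for the Superfish CA (Step II).
# Read-only by default; pass -Remove from an elevated prompt to delete matches.
param(
    [switch]$Remove,
    # Subject text to match: the name shown for the certificate in certmgr.msc.
    [string]$Pattern = 'Superfish'
)

# certmgr.msc shows the current-user view; the machine-wide store is checked too.
$stores = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'

$hits = foreach ($store in $stores) {
    Get-ChildItem -Path $store |
        Where-Object { $_.Subject -like "*$Pattern*" } |
        ForEach-Object {
            [pscustomobject]@{
                Store      = $store
                Subject    = $_.Subject
                Thumbprint = $_.Thumbprint
                NotAfter   = $_.NotAfter
                Path       = "$store\$($_.Thumbprint)"
            }
        }
}

if (-not $hits) {
    Write-Output "No certificate matching '$Pattern' found in the root stores."
    return
}

# Show what was found before touching anything.
$hits | Format-Table Store, Subject, Thumbprint, NotAfter -AutoSize

if ($Remove) {
    $identity = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    $admin = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
    if (-not $admin) {
        Write-Warning 'Not elevated: entries in LocalMachine\Root cannot be deleted.'
    }
    foreach ($h in $hits) {
        # -Confirm asks before each deletion, like the prompt in the GUI.
        Remove-Item -Path $h.Path -Confirm
    }
}
```

Running it again without `-Remove` after Step II should report no match. It does not inspect Firefox's own certificate store, so Step III still has to be done in the browser.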
Congratulations, you fixed your new laptop! It might be a good idea to change important passwords now. (It's always a good idea anyway.)
Thanks to Filippo Valsorda for letting us use his how-to guide!