2 min read

Lenovo addresses SuperFish snafu with the channel

Security & PrivacyLenovo

Lenovo today took steps to ease channel concerns regarding SuperFish adware on their systems.

The vendor sent out a letter to channel partners admitting it pre-installing Superfish adware on consumer notebooks in September of last year running up to December. Lenovo did stop pre-loading SuperFish, which has led to notebooks being vulnerable to hacks, sometime before the start of the New Year.

In the Lenovo statement, the company said SuperFish is a shopping aid to consumers and also a TrustE certified third-party software vendor based in Palo Alto, Calif.

However, user feedback to SuperFish was not positive, according to the Lenovo letter. Lenovo users thought it would open them up to security concerns.

Lenovo did say in the letter than the SuperFish software was not loaded onto any ThinkPad branded notebooks, desktops, tablets, workstations, servers or smartphones and the only impacted models are:

  • Z-series;
  • Y-series;
  • U-series;
  • G-series;
  • S-series;
  • Flex-series;
  • Yoga;
  • Miix; and
  • E-series.

One part of the letter read: “We wanted to let you know that we take user feedback seriously at Lenovo. We know that millions of people rely on our devices every day, and it is our responsibility to deliver quality, reliability, innovation and security to each and every customer. We make every effort to provide a great user experience for our customers. We recognize that the Superfish software has caused concern. Lenovo has taken steps to address that concern.”

What Lenovo told the channel in this letter is that it has completely disabled SuperFish on server side interactions since January on all Lenovo products so that the software is no longer active, stopped pre-loading the software and will not pre-load it again in the future, and provided instructions for uninstalling the software and is about to provide a removal patch soon.

The company also provided a support Web site for more information http://support.lenovo.com/ca/en/product_security/superfish.