Computer manufacturer Lenovo is in hot water this week after pre-installing software that tracks your Internet activity to show you personalized ads. While that sounds a little shady on its own, it gets even worse: Security experts say the software, called Superfish, can open up a nice big door that lets hackers intercept your data.
Lenovo said in a Thursday statement that it stopped pre-loading Superfish on laptops last month, and it won’t do so again in the future. Now, Lenovo is going a step further: It just posted instructions for Lenovo owners to tell if they have Superfish and, if they do, how to erase it.
That’s a significant backtrack for Lenovo: Earlier Thursday, the company said it could not “find any evidence to substantiate security concerns” over Superfish.
Security experts, however, disagreed. They say the problem with Superfish is that it’s able to scan your Internet activity even when you’re on encrypted sites by spoofing a website’s security certificate. Hackers can take advantage of that fake certificate process to steal your data while it’s in transit.
If you’ve got a Lenovo computer, it’s a good idea to follow these instructions to see if you have Superfish and get rid of it.
More Must-Reads from TIME
- Donald Trump Is TIME's 2024 Person of the Year
- Why We Chose Trump as Person of the Year
- Is Intermittent Fasting Good or Bad for You?
- The 100 Must-Read Books of 2024
- The 20 Best Christmas TV Episodes
- Column: If Optimism Feels Ridiculous Now, Try Hope
- The Future of Climate Action Is Trade Policy
- Merle Bombardieri Is Helping People Make the Baby Decision
Contact us at letters@time.com