Computer manufacturer Lenovo is in hot water this week after pre-installing software that tracks your Internet activity to show you personalized ads. While that sounds a little shady on its own, it gets even worse: Security experts say the software, called Superfish, can open up a nice big door that lets hackers intercept your data.
Lenovo said in a Thursday statement that it stopped pre-loading Superfish on laptops last month, and it won’t do so again in the future. Now, Lenovo is going a step further: It just posted instructions for Lenovo owners to tell if they have Superfish and, if they do, how to erase it.
That’s a significant backtrack for Lenovo: Earlier Thursday, the company said it could not “find any evidence to substantiate security concerns” over Superfish.
Security experts, however, disagreed. They say the problem with Superfish is that it’s able to scan your Internet activity even when you’re on encrypted sites by spoofing a website’s security certificate. Hackers can take advantage of that fake certificate process to steal your data while it’s in transit.
If you’ve got a Lenovo computer, it’s a good idea to follow these instructions to see if you have Superfish and get rid of it.