Microsoft has updated Windows Defender to help users clean up after a piece of adware that was pre-installed on some Lenovo consumer laptops and compromises their security.
The free anti-malware app will now delete the Superfish software that was used to inject ads into users’ browsing sessions and the self-signed root SSL certificate Superfish installed that can allow attackers to snoop on their secure web browsing sessions. Superfish was pre-installed on some Lenovo consumer laptops between September and December of last year, and while it was possible for users to opt-out of the software’s ads, it would still install the SSL certificate.
Lenovo has published a list of models that shipped with the software pre-installed, and people who want to see if they’re affected can use this website. Users who are affected should update and run Windows Defender as soon as possible so they’re not at risk of attack.
Businesses shouldn’t have to worry about Superfish – Lenovo said in a statement that it was never pre-installed on computers or servers that were shipped to businesses, and the company has stopped pre-installing it altogether on computers it is currently shipping.