Lenovo installing adware
Lenovo has been installing an adware named Superfish onto new computers. The adware gets installed automatically when the computer is started for the first time. The adware injects third-party ads on Google searches and websites without the user’s permission.
Mark Hopkins, a Lenovo forum administrator reported that the adware will be removed temporarily from the new systems after the complaints from the users:
Hopkins even defended the Lenovo’s move of installing Superfish.
Other users are also reporting that the adware is actually instally installing its own self-signed certificate authority which allows the adware to snoop on secure connections like banking transactions.
This is a malicious technique commonly known as a man-in-the middle attack, where the certificate allows the software to decrypt secure requests, yet Lenovo appears to be shipping this software with some of its products out of the box.
Currently, Internet Explorer and Google Chrome is affected while the Mozilla Firefox is not affected by the SSL man-in-the-middle attack as it maintains its own certificate store.
If you suspect that your computer is affected by this adware, you can check it here. Instructions for removal of Superfish has been given by the Lenovo.