Skip to main content

Lenovo backtracks, issues Superfish security alert

posted onFebruary 23, 2015
by l33tdawg

US delivers official warning about traffic intercepting adware.

PC giant Lenovo has acknowledged that adware it pre-loaded on several notebooks can be used in man-in-the-middle interception attacks.

Lenovo originally said the Superfish adware was installed to "enhance the experience for users", attempting to play down concerns over the adware installing a fake digital certificate that gave it full access to customers' Transport Layer Security (TLS) authenticated and secure web browsing sessions. A researcher was able to easily extract the private key to the fake Superfish certificate, which would allow anyone on the same network as a target user to intercept and modify TLS traffic.

Source

Tags

Lenovo Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th