Buy a new Lenovo computer recently? Well,it looks like it could be infected with some factory-installed adware. Users on the official Lenovo forums started noticing that search results were being injected with sponsored links (like what happens when a machine is infected with typical adware or spyware) as far back as last September,and some even report that sites including Kelley Blue Book and JetBlue wouldn't render properly at all. This apparently isn't the only problem,however. As Facebook engineer Mike Shaver recently discovered,the program at fault, Superfish,appears to install a man-in-the-middle certificate that allows outside parties to take a peek at secure websites you might be visiting,too. Like your bank's,for example.
Computer maker Lenovo has been forced to remove hidden adware that it was shipping on its laptops and PCs after users expressed anger.
The adware - dubbed Superfish - was potentially compromising their security, said experts.
The hidden software was also injecting adverts on to browsers using techniques more akin to malware,they added.
Lenovo faces questions about why and for how long it was pre-installed on machines - and what data was collected.
The company told the BBC in a statement: "Lenovo removed Superfish from the preloads of new consumer systems in January 2015. At the same time Superfish disabled existing Lenovo machines in the market from activating Superfish.