As seen by the recent Superfish app debacle, software that comes preinstalled on a new PC shouldn’t always be trusted. Most of the time, the innate software on a device can be trusted; but the Superfish application is an exception. This app, which came preinstalled on new Lenovo PCs between the months of September and December of 2014, can potentially compromise the security of your machine.Superfish is an application that’s designed to help users find products that they are interested in purchasing through picture-taking technology. It’s imperative that any user of a Lenovo computer stop using this application immediately. Errata Security has labeled the app as a security threat, claiming that hackers are able to take advantage of it to access a user’s encrypted data, like passwords.
Whether or not you use Superfish isn’t the concern. The application, regardless of usage, is a threat in-and-of itself by just being installed on the device. Therefore, you should take steps immediately to remove it from your computer. Lenovo disabled the app on systems that had it installed when they found out it was an issue, but you still need to take action to get rid of it immediately.
One way to remove Superfish from your PC is to go to Windows Control Panel > Programs > Uninstall a Program. Now, locate Superfish on the list of programs > select it > and click Uninstall.
Unfortunately, removing preinstalled software that comes with a PC is much easier said than done. This kind of software, known as bloatware, is incredibly persistent, and it’s likely that you won’t be able to remove it from your PC by simply using the Windows Control Panel. In order to get rid of it completely, Lenovo has provided instructions and a removal tool through their support page.
Now is a good time to point out that when a new computer is purchased through Setton Consulting, we make sure to remove unneeded and potentially-harmful bloatware like Superfish. A move like this makes sure that a consumer app won’t come installed on a computer purchased for your business.
By following these instructions and using the removal tool, you can effectively get rid of the Superfish application on your device. However, it’s important not to jump the gun and assume you’re safe, now that the threat is gone. You’ll want to investigate your device to see if any hackers managed to take advantage of this brief window of opportunity. Before doing anything else, you should perform a virus scan, which will reveal whether or not anything managed to sneak into your device behind your back.
One security measure that can be taken post-Superfish includes changing your passwords for any online account. We understand that changing all of your online passwords can be a pain, but it’s in your best interest to do so on a regular basis anyway. This can help your business keep threats like Superfish, and other malicious entities like it, at bay.
If your company needs help getting rid of Superfish, Setton Consulting can help with our remote managed IT services. We can also provide a free IT assessment and network security audit that can help your business stay safe from not just Superfish, but all of the threat-level fish in the sea. Give us a call at 212-796-6061 to learn more.