Lenovo is to cut bloatware on its PCs to prevent security concerns triggered by the Superfish adware that led to a compromised HTTPS protocol.
The Superfish adware preloaded on Lenovo consumer notebooks from September 2014 caused great concern from privacy and security groups because it could potentially allow attackers to access encrypted data when it inserted visual search results into a browser.
This is because it used a self-signed security certificate, which, if compromised, could have provided hackers with access to all of a user's browser data - regardless of whether it had been encrypted.
Now, Lenovo said it will remove all adware and bloatware from new devices, offering tools to customers that can remove Superfish, as well as a free six-month subscription to McAfee LiveSafe service or, for existing users of the security software, a six-month extension on their existing plan.
The company said in a statement: "The events of last week reinforce the principle that customer experience, security and privacy must be our top priorities. With this in mind, we will significantly reduce preloaded applications. Our goal is clear: To become the leader in providing cleaner, safer PCs."
It will, however, include software that is "customarily expected" in some countries, which could, for example be default search engines and browsers in countries outside Western Europe.
"We are starting [to roll this out] immediately, and by the time we launch our Windows 10 products, our standard image will only include the operating system and related software, software required to make hardware work well (for example, when we include unique hardware in our devices, like a 3D camera), security software and Lenovo applications," the company added.
It plans to list all the software preloaded on its PCs and explain what it's all for to prevent the surprise of unwanted preinstalled software.
-
Hounslow Council partners with Amazon Web Services (AWS) to build resilience and transition away from legacy techSpomsored One of the most diverse and fastest-growing boroughs in London has completed a massive cloud migration project. Supported by AWS, it was able to work through any challenges
-
Salesforce targets better data, simpler licensing to spur Agentforce adoptionNews The combination of Agentforce 360, Data 360, and Informatica is more context for enterprise AI than ever before
-
New Adload malware bypasses Apple’s XProtect to infect macOS devicesNews Old malware retooled to evade Apple defenses
-
Common malware slipped past the macOS notarization process twiceNews Apple immediately revoked the notarization, but the adware slipped through again
-
Researchers blast Swedish developer WakeNet AB for ‘deceptively’ spreading adwareNews Bad actors are using tools like 'embed movie' to coax victims into installing software that house adware
-
Zacinlo malware threatens Windows 10 PCs' securityNews Malware takes screenshots of users' desktops, and has been operating silently for six years
-
Facebook warns of new Superfish threatNews The fake security certificate used by the Lenovo-installed adware can be re-used by hackers, says social network
-
Yahoo serves up New Year malware to European customersNews Malicious adverts infect users’ computers.
-
Malwarebytes flags fake Flash updateNews Unusual and inappropriate ads injected into websites.
-
File sharing infects 500,000 computersNews McAfee reveal details on what it calls the most significant malware outbreak since 2005, as peer-to-peer networks look under threat.
