Microsoft & Lenovo race to patch Superfish vulnerability
Microsoft and Lenovo are racing to patch a recently identified vulnerability in their Superfish software after security experts revealed it could potentially be co-opted by hackers to steal personal information.
Lenovo pre-installed the flawed code on some of their devices, placing them at the centre of a consumer backlash as owners digested the news that hackers could conceivably impersonate secure websites to obtain credit card numbers and much else.
In an effort to allay some concerns Lenovo has published a list of 11 laptops affected by the scare, including its popular Yoga and Flex models, which allowed shoppers to search for deals based on the image of a product they are looking for.
This came unstuck however when researchers discovered that the software would override tough website encryption for a weak version of its own, presenting those with ill intent with an open door.
In an effort to divert blame for the public relations catastrophe Superfish CEO Adi Pinhas has pointed the finger of blame at Israeli tech start-up Komodia, which he claimed has ‘unintentionally’ introduced
Microsoft has separately updated its Windows security software to find and remove the software from Windows enabled devices until the software can be patched.