Copyright 2021 Simon Quantrill, All Rights Reserved

Superfish vulnerability adware pre-installed on computer systems

Sat 21 February 2015 virus / superfish / adware /

Through the years computer manufactures in a bid to provide, “more for less”, tend to package together software with their hardware. This software usually fits fairly well with the PC and is normally quite useful to the new pc owner. However sometimes this does go wrong, as in the recent events when a company pre-loaded software on to a range of their notebooks, and it was discovered that it was in fact adware. Adware, can be defined as any software package that as the ability to automatically display unwanted advertisements with the end intention to generate revenue for the owner of the adware software. Advertisement can be displayed anywhere at anytime on the ‘infected’, machine, and is generally quite annoying. Adware, also has the possibility of running in-built functionality this is generally used to allow the adware author to focus advertisements based on your browser history. But basically it can analyse the internet websites you visit with your internet browser. In this case adware developed by an American advertising company, was found to be a potential security threat for its users as it allowed potential cyberattacks including inception of passwords and sensitive data traversing through the webbrowser. 20th Feb 2015, American Homeland Security has recommended that people using Lenovo notebooks remove this software completely from their machine to avoid potential cyberattacks. What is quite disturbing here is that the underlying libraries used by this adware is also used with a family security product called KeepMyFamilySecure. During research it turns out that there are many software packages currently known to be effected by this issue. Vendor Category Date Notified Date Updated Atom Security, Inc Affected 20 Feb 2015 20 Feb 2015 KeepMyFamilySecure Affected 19 Feb 2015 20 Feb 2015 Komodia Affected 19 Feb 2015 20 Feb 2015 Kurupira Affected - 20 Feb 2015 Lavasoft Affected 20 Feb 2015 20 Feb 2015 Lenovo Affected 19 Feb 2015 20 Feb 2015 Qustodio Affected 19 Feb 2015 20 Feb 2015 Superfish Affected 19 Feb 2015 20 Feb 2015 Websecure Ltd Affected 20 Feb 2015 20 Feb 2015

How to clean it up Somebody has setup a quick check for your browser you can goto Check Superfish. Lifehacker has provided a manual way to remove the VisualDiscovery software: My recommended, alternative method is to use Emsisoft malware tools Or you can of course do the removal manually for the VisualDiscovery software, this doesn’t cover other infections though, so beware that you might not be safe. How to scan for and remove Superfish from your computer manually If you suspect you have the adware Superfish on your computer, perform a scan with the free Emsisoft Emergency Kit which flags the adware on your computer. To remove Superfish, perform the following steps: Press the Windows key + “R” to open the run window. Type “certmgr.msc” and hit Enter to open the Windows Certificate Manager. Navigate to “Trusted Root Certification Authorities” and its sub-element “Certificates” in the folder tree to the left. Check for the certificate entry “Superfish, Inc” on the right side of the window. Select it and press the Delete key or right-click and select “Delete”. Now, your browser doesn’t trust made-up SSL certificates of that adware anymore and you’re on the safe side.

on the top