Advertisement

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

Shutterstock/Mikkel Bigandt
fixing it

Lenovo is really sorry for effectively putting malware on its PCs

Like, it’s really, really sorry.

LENOVO HAS APOLOGISED for including malware in a number of notebooks it released in previous months.

The company’s Chief Technology Officer Peter Hortensius apologised for uploading Superfish on a number of laptops, which caused a number of security issues, and promised that a similar situation wouldn’t happen again.

Clearly this issue has caused concern among our customers, partners and those who care about Lenovo, our industry and technology in general.  For this, I would like to again apologize. Now, I want to start the process of keeping you up to date on how we are working to fix the problem and restore your faith in Lenovo.

As well as stopping the preloads of Superfish, Lenovo is looking at protecting future devices and ensure that a similar situation doesn’t occur again. It’s putting together what it calls ” a concrete plan to address software vulnerabilities and security with defined actions” to ensure a similar incident wouldn’t occur again.

While Hortensius stressed that the malware was limited to just its notebooks, he said that the company is determined to “make this situation better, deliver safer and more secure products and help our industry address – and prevent – the kind of vulnerabilities that were exposed in the last week.”

Superfish was a software add-on which brought up extra ads when you were browsing a site, even if it was HTTPS. However, a major flaw in its code allowed any hacker to conduct a man-in-the-middle attack, allowing them to intercept messages or change them, exposing passwords, financial information and personal information.

A day after the flaw was revealed, Microsoft and McAfee offered a security patch that removed the offending programme from systems.

Read: Apple Pay just got two major rivals all of a sudden >

Read: Samsung may be ditching the plastic for good for its next big phone >

Your Voice
Readers Comments
22
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.