Skip to main content

Lenovo says it will cease preloading Superfish adware on its notebooks

Lenovo has said that the company will no longer be installing the Superfish software on consumer laptops, following a backlash from users who noticed the application was displaying third-party ads on Google search results and websites.

Learn more about malware and antivirus for Windows

Previously, Lenovo's community manager Mark Hopkins told members of the company's forums that Superfish would be "temporarily removed" from its laptops, but Lenovo's new press announcement would seem to indicate that the software won't be installed at all in the future. Lenovo's full statement on the matter is as follows:

"Superfish was previously included on some consumer notebook products shipped in a short window between October and December to help customers potentially discover interesting products while shopping. However, user feedback was not positive, and we responded quickly and decisively:"

  • Superfish has completely disabled server side interactions (since January) on all Lenovo products so that the product is no longer active. This disables Superfish for all products in market.
  • Lenovo stopped preloading the software in January.
  • We will not preload this software in the future.

"We have thoroughly investigated this technology and do not find any evidence to substantiate security concerns. But we know that users reacted to this issue with concern, and so we have taken direct action to stop shipping any products with this software. We will continue to review what we do and how we do it in order to ensure we put our user needs, experience and priorities first."

"To be clear, Superfish technology is purely based on contextual/image and not behavioral. It does not profile nor monitor user behavior. It does not record user information. It does not know who the user is. Users are not tracked nor re-targeted. Every session is independent. Users are given a choice whether or not to use the product. The relationship with Superfish is not financially significant; our goal was to enhance the experience for users. We recognize that the software did not meet that goal and have acted quickly and decisively."

"We are providing support on our forums for any user with concerns. Our goal is to find technologies that best serve users. In this case, we have responded quickly to negative feedback, and taken decisive actions to ensure that we address these concerns. If users still wish to take further action, detailed information is available at http://forums.lenovo.com."

Source: Lenovo (opens in new tab)

57 Comments
  • Well this is precisely why I use surface and Lumia. I can't trust these OEMs with their shady stuff they like to implement. Guess it is good that this controversy got them to remove it.
  • Most big issue is that they did not inform users about this adware earlier.
  • Microsoft all the way..!!
  • Agreed
  • I've got a Lenovo gaming laptop. Saw that they installed shit on it so after a month or two I DL win8 iso and reset the whole pc. Remove partitions.
    Now it's a normal laptop with their specs. Lenovo ain't gonna touch shit.
  • Also this is precisely why I change ssds and install a fresh os on all my devices (bar the sp3, did reinstall though, but it's a dev vehicle anyway). Though this relates to consumer machines, many Enterprise customers won't go near Lenovo due to junk they were installing on those devices. Where my firm is based (Canary Wharf, London) a security built-in led to most offices divesting themselves of their Lenovo gear. And Huwei tech. This is why I don't like tech where things are soldered on, or it's hard to get at at least the main drive. At least they've done something - took em from early September last year. Why do I get the feeling of this didn't get publicity they'd carry on?
  • Do you use Google in any way? If so, OEMs are only a small part of the perceived issue.
  • I'm behind a vpn and employ adblocking. They can think I'm in Hong Kong all they want, and give me random ads but most of the time that doesn't happen - and I definitely don't log in.
    But I understand what you mean - the difference is one doesn't expect their laptop to do this. Lenovo never told anyone or asked permission. You can get round google but this insidious tinkering... No. Not on. It's about choice. I don't impulse buy. If I want something I buy it. Whenever we've purchased Lenovo devices the hdd is swapped. Shame it comes to this. The oem isn't a small part of a perceived issue - who on earth do they think they are? This is precisely certain institutions have removed Lenovo (and other Chinese OEMs) from their authorised buying lists. This is a whole different mess to google ads.
  • Before I comment further, I want to make it clear, I am not defending nor do I agree with Lenovo in any way. In general I am not yet sure how I feel about data mining and targeted ads. They have their merits, but it still concerns me for many reasons. Lastly on Lenovo, from what I read earlier, it is a piece of software that can be remove via add/remove programs, so it wasn't hidden, it just wasn't made clear. Before I started buying Surface, the first thing I would do on any new machine was to go through the installed software and remove everything.   Ok... now on to google. No, they don't hide it, but many still don't understand their business model. Case in point: My brother is a pretty heavy google fan boy (we get into some interestingly heated discussions) and has our grandma set up with all google products for her limited computing needs. She asked me something about my Gmail. I explained to her why I do not use google products (well, the ad/data part. I didn’t get into how I feel about how their other policies in general) Once she understood how she was receiving the free product, she was slightly mortified. (again, we could argue about how they run their business, but as I already stated, I am not yet sure how I feel about all of it) My point is, I am not convinced the majority of users actually know or even understand how companies (even the large company that I work for, though at a much smaller scale than google) like google earn their revenue. This is a much larger issue than what Lenovo has done. With this, it is unnerving to me right now about how much data on us is being collected. If data is stored, it is not secure. To your comment on swapping the HDD, that is great idea. Seems like BS that we would even think that we need to do that, but good idea. Sorry for the book, but I have made a few short comments today in a few articles and I thought I should take the time to expalin myself now that I have the time.
  • Good thing!
  • They need to provide a patch to remove it from the actual systems.  Just because you don't use something installed anymore as a company doesn't mean that someone else won't.  Perfect example:  Riot games included the Pando Media Booster to increase install times.  Pando got bought out, and the next company started using it as adware.  Riot kept distributing it until 3/4 through 2014. 
  • Wouldn't it could be simply uninstalled?
  • That would be good
  • Two words "Microsoft Signature". *drops mic*
  • *Picks mic* "What's that ?"
  • If you buy from the Microsoft store you can be sure it is just pure Windows if it has the Microsoft Signature stamp of approval
  • "Microsoft Signature Edition ... is fine-tuned for fast performance from the second you turn it on. It comes protected with premium, free anti-virus software that never expires. And best of all, it comes without any annoying junkware or trialware, giving you peace of mind that your tablet will always be clean, fast, and protected."
  • That's nice.
  • A perfect bundle for a perfect PC/laptop/tablet and Surface.
  • http://lmgtfy.com/?q=microsoft+signature
  • Wow. That's an offensive post. Why not try: http://www.bing.com/?q=microsoft+signature It's a shorter url as well. Top result is the one you want. Can't get any better.
  • Or better this one:
    http://letmebingthatforyou.com/?q=microsft%20signature
  • LOL
  • That's how I got my Lenovo!
  • For me it is too late. I will not buy anything from them in the future.
  • "The relationship with Superfish is not financially significant; our goal was to enhance the experience for users." Rrrrerriiiiiiiiiigggggggghhhhhhhhhttttttt, because adware does SO MUCH to enhance the user experience.
  • That's why people hate Ad Blockers.
  • That's what I hear users calling for every day. If only there was a browser plugin to override my search results with paid advertising to help me "potentially discover interesting products". This is clearly what the market has been clamouring for, right?
  • Ya, that's the biggest horseshit statement I've heard from any OEM. They just look more foolish making statements like that.
  • I've already blacklisted Lenovo and will highly recommend my contacts to avoid this brand.
  • Since Thinkpads are pretty much dead anyway (unless you like the tank -> bling conversion they had), do you know any viable alternatives for the future?
  • And every other company that mines data? Most companies do in some way. I am not a fan, but this is BAU for most companies we use on a daily basis.
  • I guess good. On the other hand, kind of ironic given how 1) Google is mining all your online activity to sell it to the highest advertising bidder.. but "ooh Google search is sooooo good". :P  2) this Superfish "tool" might actually give less biased shopping advice. :D
     
  • My never find advertising on internet useful from consumers point of view. I hate some sites which continuously pop up ads.
  • Acutally this Superfish goes far beyond that.. It acts a man-in the middle attack. It installs its on CA (Certificate Authority), it can intercept secure connections and authenticate against itself. The user is oblivious to all this going on. Imagine a user doing online banking with this Superfish adware running.. The program can intercept your connection to your bank thereby gaining access to your information.
  • im dreaming about a Surface .
    doesn't take much to break confidence . they could hide something else...
  • It tales years to build trust but some moments to break it.
  • What's the problem? It's a nice tool, that doesn't track you. Of course it has to be easy to deactivate it.
  • The problem is that it breaks all SSL encryption and does a MITM attack even when "disabled"
  • More info here: http://www.msn.com/en-us/news/technology/lenovo-installed-software-making-laptops-vulnerable-to-hacking-experts/ar-BBhKbPo  
  • they can keep it as an option. the only reason they make such apps is to spy on us and track us.
  • Just curious. Is it only google results all search engine results including bing??
  • Microsoft or Apple it is. This is why I'll never buy an Android phone or Lenovo computers again.
  • Won't install SuperFish, will look for other adware instead. 
  • Consumers should simply STOP patronizing companys that resort to these tactics. Just don't buy their products, period.
  • Unfortunately that is most companies...
  • These OEMs need to remove all this bloatware crap. I understand this is how they make extra cash, but it's a horrible experience and really damages both Microsoft's and the OEMs reputation. It's disgusting.
  • Damage is done.  Lenovo should never have even tried this.  Huwaei is already on the "do not buy or recommend" list for their choices.  Now Lenovo joins them.  The very idea that some series of management decisions put this forward as actionable on selling products tells me all I need to know about the management of the products.  They said "consumer products" so they KNOW what they were doing wrong and were careful not to try to enrage business customers.  So with knowledge they proceeded to try and get away with it in the consumer space.  I'll probably never so much as touch a Lenovo product ever again.  Good job Lenovo.  You will probably start the "fake" firing of execs (and then secretly hiring them back under subsidiaries) that goes on so often in China.  Good luck with that.
  • I prefer buying from the Microsoft store since their products don't come with bloatware or other crap like this
  • This is why I buy my PCs from the Microsoft Store. They remove all the crapware.
  • i will never ever buy a Lenovo again. 
  • What scumbags
  • I had been thinking of picking up a yoga recently. Ain't gonna happen now. Regardless of what they say or what they remove from their computers at this point, the fact that they would do this or anything like this means I will never throw them a single dime of my money.
  • I seriously hope this is the end for Lenovo. This isn't software, it isn't bloatware this is a full blown piece of malware. just uninstalling the software on computers doesn't remove the certificate that this piece of malware installed in the trusted store, so even after removing the malware, users could still be suspetible to a MIT attack, certainly since the private key is easily retrieveable. For people that are effected I would urge them to obtain a Windows install media, and not just reinstalling the OS but also clearing any partition on the system, especially the OEM and recovery partition, as chances are, the malware is included on those partitions as well. Alternatively, send the product back to Lenovo and demand a full refund. Afterwards, sue them for all they are worth, they knowingly played with your privacy and data, that alone should be reason enough for legal action. I hope the EU will hand Lenovo an import ban immediately.  
  • Do I have to be concern with my Lenovo Thinkpad 8 Pro tablet? How can I removed it from my tablet?
  • Too late, I will never buy one due to their past policy,...
  • Never not buying a Windows Signature device again. Lenovo is dead to me.   This is an example of a case where I sincerely want the Justice Department and the EU to come in hard with the hammer. This type of bullshit should utterly destroy companies like Lenovo to ensure no one else is tempted to exploit their customers in such a dangerous way. They burned a lot of calories beating MS up over anti-competitive stuff...this should be treated twice as harshly.   Lenovo's repsonse is dispicable. Microsoft needs to force their OEM to stop modifying Windows and only allow vanilla installations if they want the discounted licensing.