Windows Defender can remove Superfish and its root certificate from Lenovo notebooks

The controversial Superfish adware that was pre-installed on some Lenovo notebooks in the fall of 2014 can be removed with Microsoft's free Windows Defender program. It can also get rid of its root certificate, which has already been proven to be easily cracked by security researchers.

Learn more about malware and antivirus for Windows

Microsoft has apparently updated Windows Defender to detect Superfish as malware, according to security researchers such as Filippo Valsord who posted word about this development on his Twitter account. Superfish placed third-party ads on Google search results and websites for owners of the affected Lenovo notebooks.

Windows Defender

Meanwhile, Lenovo has updated its own forum post on how to uninstall Superfish on its notebooks (opens in new tab), including how to get rid of the root certificate. The PC maker has already stated that it stopped installing Superfish in its notebooks in January and it won't be placing the adware inside its PCs anymore.

Source: Filippo Valsord (Twitter)

72 Comments
  • Well, I don't have the malware and I qualify for that sales period. Guess I scared it away :P
  • Well it was the Ideal Line - do you have this as well?
  • What if they now installing other adware instead of *superfish*. I can't believe them after all these things
  • At least defender beat it's ass. Funny when we just had virus software articles and some claimed defender was good enough, while others said those with only defender are fooling themselves. Who knows, really.
  • Well.. In this matter, Microsoft add Superfish to their database "After" the discovery... So I may bet as well, that other respectable Antivirus software will do the same.
  • Screw Lenovo's! :D https://www.facebook.com/brianl1985
  • That's awful Lenovo, i see another Toyota slump in PC market
  • Toyota? Wtf dude
  • Interesting. I thought about that same comparison. Glad to see I'm not alone.
  • I'd like to know about Toyota's, please?
  • They had gas pedal issues. All is well now AFAIK. A lot of car manufacturers took advantage of the bad press and offered incentices to people trading in Toyotas for newer cars. http://www.registercitizen.com/general-news/20100127/toyota-recalls-camry-8-other-models-over-gas-pedal-problem
  • For the most part they had stupid people jamming down on the wrong pedal and then forgetting how to put the car in neutral or hold the start button for two seconds... But yeah you can call that a gas pedal issue I guess.
  • I guess if you want to defend and be kiss ass to Toyota you can role with that excuse.
  • In other words, you were holdong the pedal wrong. Except in this case you could actually die because of the way you held the pedal.
  • I thought of Sony :-\
  • Fry that fish!!!
  • Best comment
  • He probably got it from Neowin
  • That's actually kind of bold for Microsoft. I like it.
  • Not bold, it will detect any software that maybe a harmful, threat, or just spam...regardless if it's by a reputable company. Dell and HP have been known to do the same thing.
  • Yes, but Microsoft could have easily waited until Patch Tuesday to modify the Malicious Software Removal Tool to do all the heavy work. Building it into Windows Defender is a far more aggressive move than we are used to from Microsoft. I just like the speed and hard work of Microsoft under Nadella.
  • it's just a definition update, much easier than pushing a complete update through windows update
  • As you can see from the image above, they had to act because they had a compromised security certificate that made the PC vulnerable.
  • Yep, more like 0-day fix. I wonder if other antivirus companies have put this in their definition update
  • most other antivirus companies are sleezier than this adware
  • Well, that becomes a spyware.
  • This is pathetic, I'll never buy something from lenovo
  • I wonder if this will affect Lenovo sales. Should permanently damage their already flimsy reputation.
  • I honestly doubt it will. Tech people will know, but most consumers will have no idea.
  • Now they will.
  • If anything, Microsoft could use this to pressure Lenovo to offer more "clean" versions of their hardware without all that extra stuff installed.
  • Thanks to Facebook trending now every one knows about it..
  • If it does, I blame the tech writers. Even the windows central article on it portrayed the company as evil. Almost all of them say, "Oh look everyone, Lenovo is installing "adware". Bad company!"
    A similar kind of negative perception exists about windows and Microsoft as well, thanks to such writers.
    I don't mean to insult or attack any writers here, just pointing out that the article was giving its reader too much of a negative impression about lenovo. Personalized ads aren't a new thing. Microsoft and google do it too. I also agree that Lenovo should have been informing us of the adware though.
  • The best is transparent options. This is what it does, these are the benefits, do you want it....select YES or NO.
  • What Lenovo did, was take it to another level. Furthermore their certificate poses a significant risk as it was cracked with the simplest of attacks.
  • I don't blame the writes.   I blame the idiots that decided to sell devices with malaware installed!!
  • Well.. If Lenovo just did some homework, this would never happened
  • The hell are you talking about?  Google and Microsoft "do the same thing"?  They installed adware onto your computer without you knowing about it?   Serving 'personalized ads' has nothing to do with adware which is a malicious program inserting ads into another application, almost always w/o the user knowing about it.  "They can opt out" is crap statement by Lenovo as these types of things are never made clear or usually even visable.   
    If you put something into the your product to make you a few extra bucks that is purely a negative for the customer you are doing something shitty.  Lenovo is being a shitty company by doing this.  Any company who does this is being shitty.  Doesn't mean everything they do is so but it does mean everyone should take them to the carpet for it. Overlooking it because you like the company otherwise is essentially helping them become a company you won't like in the future.
  • Plus not many laptops out there beat a Thinkpad in terms of weight, performance and features. I always format any computer I buy with a fresh copy of Windows straight from Microsoft.
  • I know, and I'm buying a Yoga 2 anypen tablet today, while its on sale.
  • I'm sure it will.  I wouldn't even consider one after this stunt.  Get back to me after a few years.
  • I'm pretty sure it will.
  • That's sad for Lenovo, pulled a d**k move and now they knee deep in its repercussions and they may still be sinking
  • Thank u Microsoft :)
  • So which PC is the best to buy?
  • The one you build yourself. Second best would be to do your research and find which laptop is physically the best, then pul an OEM copy of Windows on it, Image it when you have everything set the way you like, and say to hell with what ever came already loaded
  • Or just buy from Microsoft. Even their fall Lenovo's did not have Superfish on them due to their Signature Series.
  • Good point. I'm not really a laptop person so I didn't think of that. Beefy desktops, or tablet/phones for me.
  • There is no Microsoft store in my region. Thanks for the advise guys.
  • Thanks for your advise.
  • You are more than welcome.
  • Buy a surface. ;)
  • I love Lenovo's hardware. Though, I must admit, that due to being owned by the Chinese government I do not trust them by much as I did IBM.
  • Yes, I'm sure that every American company must be owned by the US government as well.
  • Chinese government wanna monitor the world
  • The US is no better, seems they want to police the worlds computers: http://www.neowin.net/news/us-judges-will-soon-be-able-to-issue-worldwide-warrants
  • I guess they're advertising on behalf on Microsoft to use Defender.
  • I think it's working. Just uninstalled my AntiVirus software and started using Windows Defender.
  • All you had to was just enable defender and just run a update then scan. If it clashed with your anti virus, then you could have simply disabled it.
  • I just did it for performance. I know most AntiVirus software slows down PCs and since Windows Defender is embedded, may as well just use that. Personally, I didn't have SuperFish, it was optional and I optioned out. I still have the full-fledge AntiVirus software on my Desktop though... just figured MS would be enough on the Tablet.
  • Nice one, Microsoft. Show them you're not in the mood for bullshit.
  • Well played Microsoft!
  • This type of thing is one of the reasons I build my own computers.
  • Lenovo just placed themselves on my 'do not buy again, ever' list.   Sure, I know other PC OEMs probably load their PC laptops with similar adware/malware crap, but at least this we know about. And honestly, the fact that many PC makers do this is one of the reasons people buy Macbooks.
  • Macbook+bootcamp=decent PC with a good trackpad.
  • A terrible week for Lenovo, I guess
  • Microsoft cleaning up Lenovos mess.
  • Unleash the "SuperBowl" for this SuperFish.
  • Microsoft needs to unbundle this thing and bring in massive improvements and better virus protection solutions to match industry leaders
  • Lenovo surpassed HP to become the largest PC manufacturer not too long ago. I wonder if it will remain the largest when the numbers are published for next quarter. Anyone searching up Lenovo to research a PC purchase will get at least a half dozen articles about this in the top ten search results.
  • well, at least with Lenovo, we know about it. I wonder what other OEMs are doing that their users aren't aware of.
  • Haha, thanks MS that is awesome!