Microsoft Acted When Lenovo Hesitated: Updated Windows Defender Now Can Remove Superfish Adware

dunkleosteus-tamura-cc

Lenovo has recently been under fire for its pre-installation of the Superfish Visual Discovery Software, an adware that compromises system security, in some of the company’s laptops.

The adware tampers with the system of official certificates for websites used by computers to detect fake websites. By doing so, Superfish hijacks all the supposedly secure HTTPS connections on the affected laptops, leaving the computers wide open for hackers to breach system security and perform activities such as monitor a user’s private online banking transactions.

While Lenovo has issued an apology and released methods on how to eliminate the already disabled Superfish adware, Microsoft did not leave all the fixes up to Lenovo.

Microsoft quietly released an update to its Windows Defender antivirus software that not only deletes Superfish from affected computers, but also erases the self-signed certificate that the adware uses to be able to compromise the encrypted Internet traffic of the computer.

The Windows Defender update was first discovered by Filippo Valsorda, a security engineer for Cloudflare and the creator of the first website that allowed users to check if their systems have been compromised by Superfish.

A spokesperson for Microsoft confirmed that the Windows Defender update allows the antivirus software to detect and delete Superfish from Lenovo computers.

bofa-intercept-superfish-rg

Windows Defender is an antivirus solution that is the default security software for users with Windows 8 installed in their computers.

The statement by the Microsoft spokesperson also essentially means that the Security Essentials tool of Microsoft for previous Windows versions will also be able to delete Superfish from systems.

Other software may be able to eliminate the adware, but most are not also able to delete the rogue certificates that Superfish creates in the certificate managers of Windows and Firefox.

For Firefox users, however, Windows Defender does not look like it is able to remove the Superfish certificates from the Internet browser’s independent management system for certificates.

One thing to note, however, is that Windows Defender is automatically disabled when a third-party antivirus software is installed, which is a concession made by Microsoft to vendors of antivirus programs and to computer manufacturers. Computer companies are paid whenever users upgrade the trial versions of antivirus software, and if Windows Defender was active, then no such thing will probably happen.

Many Lenovo laptops come with trial versions of various antivirus software, and through the duration of the trial, Windows Defender will be inactive. Windows Defender will only step in to protect the computer only after the system has not been protected for a couple of weeks, which is another way that pre-installed junkware in computers hurt users.

Leave a Reply