[FoRK] Make sure you truly wipe this rotten, stinking fish off your PC

Stephen D. Williams sdw at lig.net
Fri Feb 20 19:29:46 PST 2015

Good job Microsoft!

Bravo! Windows Defender update fully removes Lenovo's dangerous Superfish malware

Brad Chacos By Brad Chacos
PCWorld | February 20, 2015

Microsoft’s stayed mum during Thursday’s uproar about Lenovo installing dangerous, invasive “Superfish” adware on new PCs —adware 
that hijacks all secure HTTPS connections on affected PCs. But early Friday morning, Redmond quietly issued a sly condemnation of 
Lenovo’s folly, updating its Windows Defender antivirus solution to eradicate both the adware itself and the rogue self-signed 
certificate that allows Superfish to compromise encrypted web traffic.

The update was first noticed by Cloudflare security engineer Filippo Valsorda, who also created the first website that checks to see 
if your computer is infected with Superfish. A Microsoft spokesperson confirmed that “Microsoft security software detects and 
removes the Superfish software from Lenovo devices.”

Windows Defender is Microsoft’s homegrown antivirus solution, which is enabled by default in Windows 8. (Unless your PC vendor 
disabled it to activate a bundled AV solution by Norton, McAfee and their ilk, that is. If so, here’s how to reactivate Windows 
Defender.) As the default security solution for Windows 8 users, Microsoft’s bold move should go a long way toward killing off the 
Superfish threat.

The Microsoft representative’s statement also indicates that Microsoft’s separate Security Essentials tool for past versions of 
Windows should wipe out Superfish. Microsoft’s free antivirus solutions are the most-used antivirus tools, protecting more than a 
quarter of all PC users, according to a late 2014 report by Opswat.

Other security programs may well eliminate the Superfish adware itself, but not the rogue certificates it creates in the Windows and 
Firefox certificate managers. Check out PCWorld’s guide to completely eradicating Superfish to make sure you truly wipe this rotten, 
stinking fish off your PC. I’d suggesting walking through the steps even if you use Windows Defender, just to make sure the 
site-hijacking certificates are truly gone.

This story, "Bravo! Windows Defender update fully removes Lenovo's dangerous Superfish malware" was originally published by PCWorld.

Brad Chacos — Senior Editor

More information about the FoRK mailing list