An application preinstalled on Lenovo computers, the largest global manufacturer of personal computers, was identified as malicious software by various experts and analysts of computer security. Powered by signing Superfish, the program allows an attacker to violate the privacy of personal data of users of a laptop owners the Chinese manufacturer.
In previous form, in mid-June, had Superfish been reported by users of laptops Lenovo as adware, a program dedicated to automatically display advertisements on line, overlapping on having the page itself. The program was installed in a game released between September and December equipment and installation has been given out since January, according to statements from the Chinese company cited by Reuters.
“We investigated this technology and we find no evidence for possible security flaws, “the company said.
However, Superfish was identified as malicious software that records encrypted connections, a method that may allow third take advantage of this gap to infringe the privacy of users of computers Lenovo that have this program, as Robert Graham, director of security firm Errata Security.
In turn, remarked that the Superfish uninstaller does not resolve the vulnerability.
“Superfish works as a program that provides advertisements related to user behavior to intercept encrypted communications, similar to a wiretap,” said Eric meanwhile Rand, a researcher at Brown Hat Security.
In a report posted on Twitter by computer security specialist Kenn White shows how a secure connection Site Bank of America was intercepted by Superfish software.
No comments:
Post a Comment