Lenovo has published a guide on how to check for, find and remove the adware Superfish from more than 40 models of laptops – including its popular Yoga covertable tablets – that were shipped and sold between September of last year through January. Other sites also are offering information for removing the software that Lenovo pre-installed and some are calling a security risk as well as malware. 

Lenovo warns as well that the severity of risk to a hacking attack is “High.”

In an initial statement about the issue, Lenovo denied there was a security issue. That claim was removed from an update posted at Lenovo’s website.

World-wide media reports of Superfish being pre-installed on Lenovo laptops triggered a global media frenzy on Thursday. Lenovo said it had stopped installing the adware in January.

Superfish was loaded on laptops targeting consumers and was not included on ThinkPads targeting business customers, Lenovo noted.

Lenovo, the world’s No. 1 PC manufacturer, operates its global executive headquarters in Morrisville. Most of its operations are based in China, but the company has operations and subsidiaries worldwide. 

Models affected

Here’s a list of models where Superfish was installed:

E-Series: 

  • E10-30

Flex-Series:

  •  Flex2 14, Flex2 15
  •  Flex2 14D, Flex2 15D
  •  Flex2 14 (BTM)
  •  Flex2 15 (BTM)
  •  Flex 10

G-Series: 

  • G410
  • G510
  • G40-70, G40-30, G40-45
  • G50-70, G50-30, G50-45

M-Series:

  • Miix2 – 8
  • Miix2 – 10
  • Miix2 – 11

S-Series:

  •  S310
  • S410
  • S415; S415 Touch
  • S20-30, S20-30 Touch
  • S40-70

U-Series: 

  • U330P
  • U430P
  • U330Touch
  • U430Touch
  • U540Touch

Y-Series: 

  • Y430P
  • Y40-70
  • Y50-70

Yoga-Series:

  • Yoga2-11BTM
  •  Yoga2-11HSW

Yoga2-13

Yoga2Pro-13

Z-Series:

  •  Z40-70
  •   Z40-75
  •   Z50-70
  •   Z50-75

How to uninstall

The Lenovo uninstall guide can be found at: http://news.lenovo.com/images/20034/remove-superfish-instructions.pdf

Technology news site c/net also has a guide at: http://www.cnet.com/how-to/lenovo-superfish-adware-uninstall-fix/

“There’s no need to panic,” c/net says. “It’s a relatively simple process to remove Lenovo’s ‘Superfish’ adware.”

EFF: “Serious Security Issue”

Others are not so sure about whether Lenovo customers should panic

“Research from EFF’s Decentralized SSL Observatory has seen many thousands of Superfish certificates that have all been signed with the same root certificate, showing that HTTPS security for at least Internet Explorer, Chrome, and Safari for Windows, on all of these Lenovo laptops, is now broken. Firefox users also have the problem, because Superfish also inserts its certificate into the Firefox root store,” reported the Electronic Frontier Foundation, a group focused on defending the rights of digital users.

“This is a serious security issue.”

Find out more at: https://www.eff.org/deeplinks/2015/02/how-remove-superfish-adware-your-lenovo-computer

Superfish touts itself as “a visual search technology company – enabling searches to be conducted using images.