Until Superfish fix, Lenovo devices can't be trusted for secure work
Summary: Enterprise customers are said not to be affected, but millions of consumers and bring-your-own-device users are likely using compromised machines.
|(Image: CNET/CBS Interactive)|
Lenovo-branded devices sold between September 2014 and January 2015 through consumer online and retail stores, like Best Buy and Amazon.com, are likely affected by the Superfish adware, which hijacks secure internet traffic.
Defcon security chief and security researcher Marc Rogers, who detailed the scope and scale of the adware problem on his blog, told ZDNet that consumers should immediately check to see if their machines are affected.
"If they are affected, they should not use their laptop for any kind of secure transactions until they are able to confirm [the adware] has been removed," he said.
As many as 16 million Lenovo desktops and notebooks shipped in the fourth calendar quarter, according to recent IDC figures and Gartner figures.
Enterprise owners, who bought the device through a business channel, are said not to be affected.