We have already taken several critical first steps:
- We stopped the preloads and will not include this Superfish software in any devices in the future.
-
We have worked on our own and with our partners to make your PCs safe from this vulnerability as quickly and easily as possible:
- On Thursday, Feb. 19, Lenovo provided a manual fix and by Friday, Feb. 20, we provided an automated removal tool to make it simple for our customers to remove Superfish and related files.
- Also on Friday, our partners, Microsoft, McAfee and Symantec updated their software to automatically disable and remove this Superfish software. This means users with any of these products active will be automatically protected. We thank them for their quick response.
- Together, these actions mean all new products already in inventory will be protected. Shortly after the system is first powered-on the AV program will initiate a scan and then remove Superfish from the system. For systems which are re-imaged from the backup partition on the HDD Superfish will also be removed in the same manner. For products already in use, Superfish will be removed when their antivirus programs update.
-
Now, we are in the midst of developing a concrete plan to address software vulnerabilities and security with defined actions that we will share by the end of the week. What I can say about this today is that we are exploring a wide range of options that include:
- creating a cleaner PC image (the operating system and software that is on your device right out of the box);
- working directly with users, privacy/security experts and others to create the right preload strategy quickly;
- and soliciting and assessing the opinions of even our harshest critics in evaluating our products going-forward.
Thank you.
Peter Hortensius
Previous Lenovo statements on Superfish can be found at the Lenovo news site: http://news.lenovo.com/
distributed by |