Lenovo to Allay Superfish Security Concerns with McAfee
China's Lenovo Group Ltd on Friday said it will offer free subscriptions to Intel Corp security software to customers who bought laptops that were shipped with a program known as "Superfish," which made PCs vulnerable to cyberattacks.
Lenovo, the world's biggest personal computer maker, last week advised customers to uninstall the Superfish program.
Security experts and the U.S. Department of Homeland Security recommended the program be removed because it made users vulnerable to what are known as SSL spoofing techniques that can enable remote attackers to read encrypted web traffic, steal credentials and perform other attacks.
Lenovo announced the offer to provide six-month subscriptions to Intel's McAfee LiveSafe on Friday as it also disclosed plans to "significantly" reduce the amount of software that it ships with new computers.
Pre-loaded programs will include Microsoft Corp's Windows operating system, security products, Lenovo applications and programs "required" to make unique hardware such as 3D cameras work well, Lenovo said.
"This should eliminate what our industry calls 'adware' and 'bloatware,'" the Lenovo statement said.
Adi Pinhas, chief executive of Palo Alto, California-based Superfish, said in a statement last week that his company's software helps users achieve more relevant search results based on images of products viewed.
He said the vulnerability was "inadvertently" introduced by Israel-based Komodia, which built the application that Lenovo advised customers to uninstall.
Komodia declined comment.
(Reporting By Jim Finkle in Boston and Lehar Maan in Bengaluru; Editing by Savio D'Souza and Alan Crosby)