Biggest PC maker: ‘We didn’t do enough’ to prevent tech flaw
Lenovo, the world’s biggest PC manufacturer, acknowledged “we didn’t do enough” to root out the security flaws in software it preinstalled on its laptops, The Wall Street Journal reported.
The software in question, Superfish, was discovered to have a vulnerability that allowed hackers to easily take over a laptop remotely.
{mosads}“We will provide a tool that removes all traces of the app from people’s laptops; this goes further than simply uninstalling the app,” said Peter Hortensius, Lenovo chief technology officer, in an interview with the Journal.
Superfish automatically injected ads into users’ Internet browsers.
It’s intended to deliver hyper-relevant ads to users, but security experts said it was easy for hackers to hijack the software to clandestinely eavesdrop or collect sensitive data.
Hortensius agreed with security researchers that the software needed to be eradicated, but he said the company hadn’t noticed cyberattackers exploiting it.
“We’re not trying to get into an argument with the security guys,” he said. “They’re dealing with theoretical concerns. We have no insight that anything nefarious has occurred. But we agree that this was not something we want to have on the system, and we realized we needed to do more.”
The incident has raised the question of whether computer manufacturers should pre-install any software on devices.
“We get pretty good feedback from users on what software we pre-install on computers,” Hortensius said. “What we’re going to do in the next few weeks is dig deeper, and work with users, industry experts and others to see how we can improve what we do around software that comes installed on consumers’ computers.”
Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed..