Pre-installed software could be a threat to your computer security: Example – Superfish

Anyone who purchases a new computer is familiar with it: pre-installed software.

Perhaps it is meant to be useful, to give you “extra bang for your buck”, all those add-ons that make you feel you scored all those freebies with your main purchase, but most of that stuff is rarely useful, and at times is downright annoying – from a barrage of free trials and full version purchase offers, to being extremely difficult to remove.

Junkware” a.k.a. “Bloatware” a.k.a. “Crapware” is the stuff that hardware makers pre-install onto their devices on top of the operating system.

As Adrian Kingsley-Hughes refers to it in Crapware: why manufacturers install it, what you can do about it, and why it’s not going to go away, “At best this crapware is benign, while at worst it can dramatically slow down system performance or even compromises system security.”

worried about superfish preinstalled softwareHave you ever found yourself cursing at “Microsoft” or “Windows” for what you thought were performance issues?  The fact is the problem may not be with the operating systems, but with the company that built the PC and then bloated it with junkware they get paid for installing by software makers. It is almost impossible for an average consumer to safely and effectively remove junkware from their systems.

Facts about Junkware

  • To much junkware can impact PCs performance.
  • Consumers may not be aware of junkware coming pre-installed with their new computers: some of it is hidden in the “small print”.
  • It is often difficult to unistall.

But the biggest problem is that an average consumer will not be aware of the security threats that some junkware may pose.

Case in point – a Superfish fiasco

This passed week, the Superfish drama has unfolded and highlighted a huge concern: some pre-installed software can be a security threat.

Superfish is the adware (and that is bad enough!) employed on recently distributed Lenovo notebooks. Some of you  may have come across it in “Visual Search Results” embedded Chrome or Internet Explorer. Superfish looks at what you are searching for to display additional, ad-based search results, and it does so by creating its own security certificates that replace those of legitimate sites with encrypted connections – and that is why it is dangerous: as a result, you may end up at a malicious web page that can phish for your private information by masquerading as your bank, or your credit card company, etc. and that can lead to identity theft and other damage.

In the official statement Lenovo apologized “for causing any concern to any users for any reason”.

“We stopped the preloads beginning in January. We shut down the server connections that enable the software (also in January), and we are providing online resources to help users remove this software. Finally, we are working directly with Superfish and with other industry partners to ensure we address any possible security issues now and in the future.  Detailed information on these activities and tools for software removal are available here:

So, if you have a Lenovo system that has Superfish on it, or you just want to get a new PC and get rid of junkware on it, you may want to get a clean slate with a fresh install of Windows.

Remember to run a backup of your business data and personal files, of course, before you reinstall Windows as it comes directly from Microsoft, with no third-party applications.

Some extra applications that you do want can be added after your new Windows installation.

For a step-by-step guide on how to cleanly install Windows 8 , read here, and a guide on i how to install of Windows 7, read here.


How is your state of IT? Call Us: (855) 551-7760 with any questions.