SuperFish Vulnerability discovered in Lenovo personal computer pre-installed with SuperFish Visual Discovery Software, SuperFish intercepts HTTP(S) traffic using a self-signed root certificate. These updates address vulnerability that could allow an attacker to read all encrypted web browser traffic (HTTPS), successfully impersonate (spoof) any website, or perform other attacks on the affected system.
SuperFish may have appeared on these Lenovo Notebook models:
. E-Series: E10-30
. Flex-Series: Flex2 14, Flex2 15, Flex2 14D, Flex2 15D, Flex2 Pro, Flex 10
. G-Series: G410, G510, G710, G40-30, G40-45, G40-70, G40-80, G50-50, G50-45, G50-70, G50-80, G50-80Touch
. Miix-Series: Miix2 – 8, Miix2 – 10, Miix2 – 11, Miix 3 – 1030
. S-Series: S310, S410, S415, S415 Touch, S435, S20-30, S20-30 Touch, S40-70
. U-Series: U330P, U430P, U330 Touch, U430 Touch, U540 Touch
. Y-Series: Y430P, Y40-70, Y40-80, Y50-70, Y70-70
. Yoga-Series: Yoga2-11, Yoga2-13, Yoga2Pro-13, Yoga3 Pro
. Z-Series: Z40-70, Z40-75, Z50-70, Z50-75, Z70-80
. Lenovo Edge 15
Users and administrators are encouraged to review the Security advisory released from Lenovo and apply the necessary updates.