Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

Lenovo CTO admits fault over Superfish software vulnerability

Lenovo’s chief technology officer has admitted the firm “messed up” by installing a piece of software on its laptops that leaves consumers vulnerable to attack.

The Chinese company has come under fire for shipping laptops with the Superfish adware, which analyses images users look at when browsing the web in order to push lower-priced products to them in the form of ads.

Because Superfish circumvents websites’ own SSL security certificates, it leaves consumers vulnerable to man-in-the-middle attacks. That could allow users bank details and other sensitive information to be harvested by third-parties when they log on to web accounts.

“We messed up,” Lenovo CTO Peter Hortensius told Recode on Friday. “We should have known that going in that that was the case. We just flat-out missed it on this one, and did not appreciate the problem it was going to create.”

“We are taking our beating like we deserve on this issue,” he added.

Read more: Best laptops 2015

Earlier this week the firm said it had stopped installing the software on its laptops and is has provided instructions for disabling it, but had played down the security fears.

“We have thoroughly investigated this technology and do not find any evidence to substantiate security concerns,” the Chinese company said in a statement earlier this week.

“We are not just curled up in a ball,” Hortensius said. “We are taking real action to make this right with our customers.”

Why trust our journalism?

Founded in 2003, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have millions of users a month from around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.