Microsoft has taken steps to impede the next Superfish from impacting users. Superfish was pre-installed adware found on new Lenovo laptops earlier this year. The software exposes users to man-in-the-middle attacks because of the way it injects advertisements into the browser. It comes with a self-signed root cert that generates certs for HTTPS connections, replacing existing certs with its own in the process. Attackers could take advantage of this scenario especially after the password for the cert that shipped with Superfish was found to listen in on encrypted communication. Microsoft stated it has updated its rules around adware, and now such programs that build ads in the browser are required to only use the browser’s supported extensibility model for installation, execution, disabling and removal. Microsoft said starting March 31, 2016 it will detect and begin removing programs that are not in compliance.
The information provided herein is on "as is" basis, without warranty of any kind.
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street