The root certificate of Superfish adware got already hacked and attackers can make use of the certificate now. It is safer to remove the certificate from your PC. Read the instructions below.
To delete untrusted root CA certificates 1. In Windows, point to
Start, and then click
Run.
2. In the
Run dialog box, in the
Open box, type
MMC, and then click
OK.The Microsoft Management Console (MMC) appears.
3. In the MMC, on the
File menu, click
Add/Remove Snap-in.
4. In the
Add or Remove Snap-in dialog box, click
Certificates, and then click
Add.
5. In the
Certificates snap-in dialog box, click
Computer Account, and then click
Next.
6. In the
Select Computer dialog box, enter the name of the computer for the snap-in to manage. In your case, select Local Computer.
7. Click
Finish, click
Close, and then click
OK.
8. Expand the Certificates node.
9. Expand
Trusted Root Certification Authorities.
10. Click
Certificates.The details pane appears, showing all of the root CA certificates that are currently trusted.
11. Delete the root CA certificates that you do not trust. In this case, search for Superfish certificate and remove it.
Note that not all Lenovo PCs are affected. Superfish was included on some Lenovo consumer notebook products (not ThinkPad PCs) shipped in a short window between October and December. Lenovo is aware of this Superfish adware issue and stopped preloading the software in January. They have completely disabled server side interactions (since January) on all Lenovo products so that the product is no longer active.
You need to also uninstall Superfish Visual Discovery software from your Lenovo PC,
1. Go to Control Panel > Uninstall a Program
2. Select Visual Discovery > Uninstall
source: Lenovo and Microsoft
