SuperFish has been an ugly security black mark for Lenovo. It’s often been a criticism in my reviews of their gear that they include too much “value added” software (bloat), and removing a lot of it will noticeably improve system performance.
SuperFish however was a piece of adware. If a Lenovo owner opted into the “service”, SuperFish would analyze images and searches to insert ads for similar products and to do cost comparisons. While that doesn’t sound terrible, behind the scenes SuperFish would install its own security certificates which allowed the service to intercept encrypted traffic.
It’s doubtful that Lenovo or SuperFish seriously wanted to peek in on your private and secured data, but such a gaping hole could easily have been exploited by another attacker.
Lenovo detailed that this adware package was only installed on consumer systems, not on Thinkpads and business systems. Today they’ve published details on removing the service, and they’ve released an app to aid in the removal.