Mozilla scrubs Superfish certificate from Firefox
Mozilla has released an update to Firefox that erases the self-signed digital certificate implanted by Superfish, the vulnerable adware that blew up in Lenovo’s face a week and a half ago.
The update was issued Friday, Feb. 27.
“We are deploying a hotfix today that detects whether Superfish has been removed, and if so, removes the Superfish root from Firefox,” said Richard Barnes, a Mozilla security engineer, on a company blog. “We do not remove the root certificate if the Superfish software is still installed, since that would prevent the user from accessing any HTTPS websites.”