The US Department of Homeland Security is advising Lenovo customers to get rid of the Superfish bug from their computers as soon as possible.
An alert released through the National Cyber Awareness System explained to US citizens that anyone who doesn't remove Superfish will find their PC vulnerable to an SSL spoofing cyberattack and also claimed that it was installed on machines sold as far back as 2010.
"Systems that came with the software already installed will continue to be vulnerable until corrective actions have been taken," read the agency advice.
Lenovo denies 2010 claim
Lenovo spokesperson Brion Tingler told Reuters that he couldn't explain why the Department of Homeland Security claimed that software had been installed since 2010 when it said on Thursday that it was only preloaded on machines shipped from September to December last year.
It came on the same day that Lenovo began to tell customers to start uninstalling a piece of software they originally thought would "enhance the shopping experience for customers" and Microsoft's Windows Defender has also started to offer its users the chance to remove Superfish as part of its latest update.