Man-in-the-middle HTTPS breach

User Name

http://arstechnica.com/security/2015/02/lenovo-pcs-ship-with-man-in-the-middle-adware-that-breaks-https-connections/

I particularly liked the suggestions in the comment section.

xanadu

I miss my old stinkpads. I would remove OEM installs for the performance gains. Komodia certificates are in a lot more than Lenovo's software, so I would imagine there are a lot more people at risk.

Edit: check this list under vendors: http://www.kb.cert.org/vuls/id/529496 (there is more software at risk)