Weak information protection measures also makes devices carrying the software easier targets for hackers, security experts said.
"This problem is much bigger than we thought it was," MarcRogers, principal security researcher at Cloud Flare Inc, said in his personal blog.
Many non-Lenovo computers have used the web page interception function that Superfish also used, meaning the security flaws lurk in more PCs than just those sold by Lenovo, according to Rogers.
For Lenovo, the software may have appeared on nearly 50 models of laptops, including its flagship Yoga series. The ThinkPad product line, which Lenovo acquired from IBM Corp about a decade ago, was not affected, according to the Chinese company.
"We will not include this Superfish software on any devices in the future," it said.
It remains unclear how many Lenovo devices installed with Superfish have been sold.
Lenovo shipped 16 million PCs in the fourth quarter of last year, up 4.9 percent year-on-year. The company had a record 20 percent market share in the worldwide PC industry as of Dec 31, according to research firm International DataCorp.
PCs remain the biggest profit source for Lenovo, although the company has sought to diversify further into smartphones and enterprise server units. The PC and tablet sales of Lenovo hit $9.2 billion in the fourth quarter, representing more than 65 percent of its total quarterly revenue.