It seems that Lenovo has installed adware called Superfish on their computers. According to the article the is so poorly written that all kinds of hackers can access the certificate and redirect the user to dubious sites. Looks like Lenovo has joined Sony on my cannot trust list.
Quote From the Register Article:
Security experts are warning that the Superfish code is so badly designed that it is easy to extract the private key to its root CA certificate. This private key can be used to generate SSL certificates that a nefarious website can use to masquerade as a legit site.
For example, if you're a bad person working in a cafe with control over its public Wi-Fi, and you see an affected Lenovo user join your network, you can attempt to redirect their connection to an online bank to your own password-stealing server. Your server can use a rogue SSL certificate generated from Superfish's leaked private key to masquerade as the bank's dotcom. The Superfish root CA certificate on the laptop tells the browser to trust the dodgy connection – and user will be none the wiser (unless they inspect the SSL session, which no one does).
Read the whole article here.