While it is akin to playing whack-a-mole, it's nice to see them seriously considering blocking this cert so users who get a theoretical update in Firefox would have it simply be removed. Granted Superfish could update and get around it but that would require effort and considering the PR nightmare Lenovo is going to be fielding I doubt they would do so.