Connect with us

Hi, what are you looking for?

Tech & Science

Huge security flaw found in Lenovo laptops and computers

Utilising the classic “coffee shop attack,” the issue was found inside the Lenovo update software used to download new versions of Lenovo programs. The updater did not bother to confirm that the files it downloaded were what they claimed to be, leaving the download open to hijacking.
In a public network such as those provided by coffee shops, attackers could hijack the connection and exploit the Lenovo software to download their own files. As the software did not validate the signature of the file that it was downloading, the malicious programs could easily be downloaded, installed and run in an elevated privilege mode instead.
The BBC says that two other flaws would have allowed attackers to gain control over an affected computer and give them the ability to run malicious commands on it, raising the prospect of remote hijacking of systems.
The news is likely to anger, annoy and worry users of Lenovo laptops. After having been told just a couple of months ago that the Superfish software included by the company was adware, now the manufacturer has left its users open to malware.
Lenovo has traditionally had a very strong image in the computer market, particularly among business users. Because of this, many Lenovo laptops are likely to contain important and sensitive data which attackers could have gained access to. Two issues within two months may worry IT departments at large companies who have previously relied on Lenovo and its positive feedback.
The discovery was made by researchers at security firm IOActive in February. Before announcing it publicly today, they notified Lenovo who released an update to patch the issues last month. Unfortunately, the updates will not be installed automatically and instead users will have to confirm a prompt. If you own a Lenovo computer, it is recommended that you update the “System Update” software as soon as you can.

Written By

You may also like:

Life

Their stories are divided into before and after.

Social Media

Wanna buy some ignorance? You’re in luck.

Tech & Science

Under new legislation that passed the House of Representatives last week, TikTok could be banned in the United States.

Life

Platforms like Instagram and Pinterest often suggest travel destinations based on your likes and viewing habits.