Lenovo driver goof poses safety danger for customers of 25 pocket book fashions

Lenovo driver goof poses security risk for users of 25 notebook models

Enlarge (credit score: Getty Photographs)

Greater than two dozen Lenovo pocket book fashions are weak to malicious hacks that disable the UEFI safe boot course of after which run unsigned UEFI apps or load bootloaders that completely backdoor a tool, researchers warned on Wednesday.

On the similar time that researchers from safety agency ESET disclosed the vulnerabilities, the pocket book maker launched safety updates for 25 fashions, together with ThinkPads, Yoga Slims, and IdeaPads. Vulnerabilities that undermine the UEFI safe boot might be severe as a result of they make it attainable for attackers to put in malicious firmware that survives a number of working system reinstallations.

Not frequent, even uncommon

Quick for Unified Extensible Firmware Interface, UEFI is the software program that bridges a pc’s system firmware with its working system. As the primary piece of code to run when just about any trendy machine is turned on, it’s the primary hyperlink within the safety chain. As a result of the UEFI resides in a flash chip on the motherboard, infections are tough to detect and take away. Typical measures similar to wiping the exhausting drive and reinstalling the OS haven’t any significant impression as a result of the UEFI an infection will merely reinfect the pc afterward.

Learn 6 remaining paragraphs | Feedback

Related Posts

Leave a Reply

Your email address will not be published.