Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Lenovo cries 'dump our support app' after 'critical' hole found


  • Please log in to reply
No replies to this topic

#1 JohnC_21

JohnC_21

  • Members
  • 24,310 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:19 AM

Posted 02 June 2016 - 08:28 PM

Lenovo is warning users to uninstall its Accelerator support application after it was revealed to have what it says are serious interception vulnerabilities.

The company is one of five vendors caught pre-installing dangerously-vulnerable OEM software.

Duo Security researcher Mikhail Davidov reported the holes that would allow eavesdropping attackers to tap into Accelerator's unencrypted update channels to compromise users.

"A vulnerability was identified in the Lenovo Accelerator Application software which could lead to exploitation by an attacker with man-in-the-middle capabilities," Lenovo says.

"The vulnerability resides within the update mechanism where a Lenovo server is queried to identify if application updates are available.

"Lenovo recommends customers uninstall Lenovo Accelerator Application."

 

Article



BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users