Lenovo is warning users to uninstall its Accelerator support application after it was revealed to have what it says are serious interception vulnerabilities.
The company is one of five vendors caught pre-installing dangerously-vulnerable OEM software.
Duo Security researcher Mikhail Davidov reported the holes that would allow eavesdropping attackers to tap into Accelerator's unencrypted update channels to compromise users.
"A vulnerability was identified in the Lenovo Accelerator Application software which could lead to exploitation by an attacker with man-in-the-middle capabilities," Lenovo says.
"The vulnerability resides within the update mechanism where a Lenovo server is queried to identify if application updates are available.
"Lenovo recommends customers uninstall Lenovo Accelerator Application."