LENOVO HAS issued an official response to a security researcher's claim that the company is shipping more bad software with its hardware.
Lenovo has accepted the problem and shunted it onto another party. But we are getting ahead of ourselves here.
The problem, according to a security researcher called Dymtro Oleksiuk, is that Lenovo is shipping a flaw that undermines Windows security protocols.
Oleksiuk has posted details of the Lenovo ThinkPad System Management Mode flaw on GitHub, and has published a blog about his work.
"The new 0day vulnerability in Lenovo firmware allows arbitrary SMM code execution on a wide range of Lenovo models and firmware versions including the most recent ones," he said.
"Exploitation of the vulnerability may lead to the flash write protection bypass, disabling of UEFI Secure Boot, Virtual Secure Mode and Credential Guard bypass in Windows 10 Enterprise and other evil things."
More info here
Edited by JohnC_21, 05 July 2016 - 09:20 AM.