Lenovo scrambling to get a fix for BIOS vuln

This is very important for Win10 installs on Lenovo hardware

         

tangor

5:15 am on Jul 4, 2016 (gmt 0)




Lenovo, and possibly other PC vendors, is exposed to a UEFI bug that can be exploited to disable firmware write-protection.

If the claims made by Dmytro Oleksiuk at Github are correct, an attacker can “disable flash write protection and infect platform firmware, disable Secure Boot, [and] bypass Virtual Secure Mode (Credential Guard, etc.) on Windows 10 Enterprise.”

[theregister.co.uk...]

While this is a hardware problem for Lenovo, it appears that Win10 is the most critically impacted. So, take all caution and be warned. At present there is no patch available. Note: per the article, other hardware systems might also be compromised. Use due diligence to see if your system(s) are included.

bill

6:48 am on Jul 4, 2016 (gmt 0)




This one does not seem to be a feature. ;)
I've taken Lenovo off my hardware consideration list long ago. This just reinforces things for me.

However, it does look like this vulnerability will affect other hardware vendors as well. I don't think we've heard the last of this particular one even if Lenovo is able to fix their systems.

engine

3:42 pm on Jul 4, 2016 (gmt 0)




I have a Lenovo laptop which has turned out to be less than good for a number of reasons, but primarily because it's rather poor build quality, and I simply cannot get on with the mousepad. Add these problems to it and it's going to be my last Lenovo laptop.

Lenovo Tells Its Users to Remove its Vulnerable Updater [webmasterworld.com]

bill

10:52 pm on Jul 5, 2016 (gmt 0)




It has a name now: ThinkPwn, and it affects more than Lenovo machines...

https://threatpost.com/scope-of-thinkpwn-uefi-zero-day-expands/119027/ [threatpost.com]

Scope of ThinkPwn UEFI Zero Day Expands

A serious hardware vulnerability, thought to be confined to UEFI drivers in Lenovo and HP laptops, has also been found in firmware running on motherboards sold by Gigabyte. The flaw was publicly disclosed last week by researcher Dmytro Oleksiuk. No patches are yet available.