The Colombian consumers and traders were surprised when they learned that Lenovo installing dangerous software ‘fill’ on their machines, called Superfish. This week the seriousness of the mark was questioned again, after it became known that continues to install software ‘garbage’, this time by a more aggressive strategy.
The most indulgent call him ‘bloatware’ or filler software, and the most emphatic prefer the term ‘crapware’, or junk software. In any case, this is the kind of software that Lenovo is installing on their computers. And it does in its factories, but directly into the homes of consumers, even if they decide to format the PC and install Windows on their own.
How do you do it? Thanks to Lenovo machines have altered your system BIOS, a critical part of the motherboard of the computer, with a routine that installs the software even after they are formatted.
Lenovo continues to install
unwanted software
Just six months ago Lenovo published press releases apologizing for selling computers preinstalled with a program called Superfish, which besides being unnecessary, opened a dangerous security hole in the device.
At the time Vanguardia Liberal published a warning consumers about the dangers of Article buy Lenovo models of the IdeaPad line of home consumption, and on these days issued a statement where the manufacturer clarified exactly which models were affected.
Then, as now, the models of Lenovo’s corporate lines like ThinkPad, 100% were out of danger.
Yet the news was not pleasant either for consumers or for Colombian traders have bet the seriousness of the brand.
Now, six months later, it was discovered that Lenovo continues to install software on machines fill the IdePad line, although the company changed tactics.
Now use more aggressive.
The new strategy: use the BIOS
The BIOS is a fundamental system of communication between the basic components of a computer: is there from the moment the machine is turned on. And most importantly, it works at a “low” and essential for operating the system level. That is, before Windows starts, the BIOS is already in operation
Because it is in the BIOS, the Lenovo Service Engine or LSE can make a dirty trick. replace the starter system insurance . Windows with their own routines
These routines perform the same task as those of Microsoft, and make an extra revision: ensure that the software update Lenovo is installed on the machine, and if they find that was removed, they reinstall it.
security flaws detected
But this time the situation is not as bad as earlier this year, the researcher Roel Schouwenberg already discovered how to use form malicious Lenovo designed the system to ensure that their programs will fill in the computers of their customers.
Schouwenberg could carry out an attack of ‘privilege escalation’, which would allow a hacker to gain control over a vulnerable computer Lenovo.
Because the researcher put the company on notice, Lenovo was able to launch two tools during the month of July to remove their computers LSE. The tools can be found in the Support.lenovo.com/nz/en/downloads/ds104370 address for laptops, and Support.lenovo.com/nz/en/downloads/ds104373 management for desktops.
Naturally, Microsoft, developer of the operating system affected by the strategy of Lenovo, does not agree with the tactic.
“As a result of these findings, Microsoft launched new security policies the implementation of this feature of Windows in the BIOS. LSE use by Lenovo was not consistent with these guidelines, and as a result, LSE no longer being installed on Lenovo systems, “said Microsoft in a statement.
The models affected buyers who want to eliminate the system should update the ‘firmware’ of their machines.
MODELS AFFECTED NOTEBOOK LENOVO
FLEX 2 PRO 15 (Broadwell)
FLEX 2 PRO 15 (HASWELL)
FLEX March 1120
Flex 3 1470/1570
G40-80 / G50-80 / G50- 80 TOUCH
S41-70 / U41-70
S435 / M40-35
V3000
Y40-80
YOGA March 11
YOGA March 14
Z41-70 / Z51-70
Z70-80 / G70-80
MODELS AFFECTED LENOVO DESKTOP
A540 / A740
B4030
B5030
B5035
B750
H3000
H3050
H5000
H5050
H5055
HORIZON 2 27
HORIZON 2E (HOME YOGA 500)
HORIZON 2S
C260
C2005
C2030
C4005
C4030
C5030
X310 (A78)
X315 (B85)
No comments:
Post a Comment