SoylentNews is people
SoylentNews
It turns out that Lenovo has code in their BIOS which creates and maintains a backdoor executable in Windows 7 and Windows 8.x installs. Simply wiping the machine when you bring it home to remove the factory crap-ware is not enough to overcome this implementation. This issue is supposed to have been resolved via a recently released patch that doesn't remove but rather disables this 'feature' which is being called the Lenovo Service Engine.
Original Source for the news:
http://arstechnica.com/civis/viewtopic.php?p=29497693&sid=ddf3e32512932172454de515091db014#p29497693
Link to patch:
https://support.lenovo.com/us/en/product_security/lse_bios_notebook
This exploit takes advantage of a Windows feature called Windows Platform Binary Table. This is essentially a method created for the purpose of enabling UEFI bioses to load extra binaries at boot time.
link to paper on WPBT:
http://feishare.com/attachments/article/298/windows-platform-binary-table.pdf
(Score: 3, Interesting) by dyingtolive on Thursday August 13 2015, @12:20AM
Wonder how well it updated autochk on my G500 dual booting OSX and Linux.
Still, I shouldn't laugh too loudly. They might have something for that too.
Don't blame me, I voted for moose wang!
(Score: 2) by Runaway1956 on Thursday August 13 2015, @01:30AM
Yeah, that was my thought. I get the stupid computer, nuke it, install my favorite *nix, and all is well until I shut it down. When I pick it up to use it again, there's windows! That would really suck.
(Score: 2) by dyingtolive on Thursday August 13 2015, @02:27AM
I was thinking more a OS appropriate payload to compromise your system regardless of the OS you chose.
...in retrospect, I think I'm just repeating what you said. :P
Don't blame me, I voted for moose wang!