It turns out that Lenovo has code in their BIOS which creates and maintains a backdoor executable in Windows 7 and Windows 8.x installs. Simply wiping the machine when you bring it home to remove the factory crap-ware is not enough to overcome this implementation. This issue is supposed to have been resolved via a recently released patch that doesn't remove but rather disables this 'feature' which is being called the Lenovo Service Engine.
Original Source for the news:
http://arstechnica.com/civis/viewtopic.php?p=29497693&sid=ddf3e32512932172454de515091db014#p29497693
Link to patch:
https://support.lenovo.com/us/en/product_security/lse_bios_notebook
This exploit takes advantage of a Windows feature called Windows Platform Binary Table. This is essentially a method created for the purpose of enabling UEFI bioses to load extra binaries at boot time.
link to paper on WPBT:
http://feishare.com/attachments/article/298/windows-platform-binary-table.pdf
(Score: 3, Interesting) by Anonymous Coward on Thursday August 13 2015, @01:20AM
Because a 16 bit bios kludged to support 32 bit apps, then ported to 32 bit with a 16 bit compatibility layer really needed to be replaced at some point. That point being when enough computers shipped both with enough ram and a new enough operating system to warrant migration to primarily 64 bit operation with only the minimum necessary 32 bit fallbacks.
That said, I *HATE* EFI and as klunky as it was, wish they'd stuck with a forth based firmware that could've leveraged hardware option rom compatibility with PPC/SPARC and hopefully have pushed for everything else to standardize on it as well.
But alas we got a half baked DOS clone with DRM baked into the flash.
(Score: 2) by LoRdTAW on Thursday August 13 2015, @01:26PM
I realize the old BIOS was heavily outdated. EFI was completely unnecessary. There were better options, ARCS (though it became an SGI only firmware), Open Firmware/OpenBIOS, etc.
Personally, I'd certainly prefer coreboot. It can handle different payloads like Open Firmware/OpenBIOS, UEFI via tianocore or classic BIOS via SeaBIOS. It can also directly load GRUB or boot via ethernet with Etherboot. Very flexible and open source.