Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Wednesday August 12 2015, @11:59PM   Printer-friendly
from the flash-me-a-bios dept.

It turns out that Lenovo has code in their BIOS which creates and maintains a backdoor executable in Windows 7 and Windows 8.x installs. Simply wiping the machine when you bring it home to remove the factory crap-ware is not enough to overcome this implementation. This issue is supposed to have been resolved via a recently released patch that doesn't remove but rather disables this 'feature' which is being called the Lenovo Service Engine.

Original Source for the news:
http://arstechnica.com/civis/viewtopic.php?p=29497693&sid=ddf3e32512932172454de515091db014#p29497693

Link to patch:
https://support.lenovo.com/us/en/product_security/lse_bios_notebook

This exploit takes advantage of a Windows feature called Windows Platform Binary Table. This is essentially a method created for the purpose of enabling UEFI bioses to load extra binaries at boot time.

link to paper on WPBT:
http://feishare.com/attachments/article/298/windows-platform-binary-table.pdf


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by ilPapa on Thursday August 13 2015, @03:13AM

    by ilPapa (2366) on Thursday August 13 2015, @03:13AM (#222094) Journal

    Can I own your box, too? I'll be gentle, I promise.

    My girlfriend can't wrestle, but...

    --
    You are still welcome on my lawn.
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2