Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 18 submissions in the queue.

Lenovo Still Wants to Own Your Box

posted by janrinok on Wednesday August 12 2015, @11:59PM   Printer-friendly
from the flash-me-a-bios dept.

Anonymous Coward writes:

It turns out that Lenovo has code in their BIOS which creates and maintains a backdoor executable in Windows 7 and Windows 8.x installs. Simply wiping the machine when you bring it home to remove the factory crap-ware is not enough to overcome this implementation. This issue is supposed to have been resolved via a recently released patch that doesn't remove but rather disables this 'feature' which is being called the Lenovo Service Engine.

Original Source for the news:
http://arstechnica.com/civis/viewtopic.php?p=29497693&sid=ddf3e32512932172454de515091db014#p29497693

Link to patch:
https://support.lenovo.com/us/en/product_security/lse_bios_notebook

This exploit takes advantage of a Windows feature called Windows Platform Binary Table. This is essentially a method created for the purpose of enabling UEFI bioses to load extra binaries at boot time.

link to paper on WPBT:
http://feishare.com/attachments/article/298/windows-platform-binary-table.pdf

Original Submission

 
This discussion has been archived. No new comments can be posted.
Lenovo Still Wants to Own Your Box | Log In/Create an Account | Top | 25 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Thursday August 13 2015, @06:14AM

    by Anonymous Coward on Thursday August 13 2015, @06:14AM (#222137)

    And even if it's just one product by lenovo, it's still by lenovo... fucking bastards. I think they just joined sony on the ultimate never buy shit list.