SoylentNews

Anonymous Coward [lemonparty.com] writes:

It turns out that Lenovo has code in their BIOS which creates and maintains a backdoor executable in Windows 7 and Windows 8.x installs. Simply wiping the machine when you bring it home to remove the factory crap-ware is not enough to overcome this implementation. This issue is supposed to have been resolved via a recently released patch that doesn't remove but rather disables this 'feature' which is being called the Lenovo Service Engine.

Original Source for the news:
http://arstechnica.com/civis/viewtopic.php?p=29497693&sid=ddf3e32512932172454de515091db014#p29497693 [arstechnica.com]

Link to patch:
https://support.lenovo.com/us/en/product_security/lse_bios_notebook [lenovo.com]

This exploit takes advantage of a Windows feature called Windows Platform Binary Table. This is essentially a method created for the purpose of enabling UEFI bioses to load extra binaries at boot time.

link to paperon WPBT:
http://feishare.com/attachments/article/298/windows-platform-binary-table.pdf [feishare.com]

Original Submission