Lenovo’s laptop customers are being warned about a potential nasty bug that could allow hackers to access their data in the latest firmware update. The BIOS vulnerability allows attackers to take over your computer as soon as it boots up and has proven effective against Windows, MacOS and Linux machines. Before you upgrade, make sure you back-up everything on your hard drive or just avoid updating altogether.,
The “Lenovo laptops” is a laptop that could be vulnerable to a nasty bug. The Lenovo laptops are also known for being very cheap, but the quality of the hardware is not as good as other laptops. Read more in detail here: lenovo laptops.
Alexandru Poloboc is an author.
Editor of the News
Alex spent the most of his time working as a news reporter, anchor, and on TV and radio, with an overriding drive to always get to the bottom of things and find the truth… Continue reading
- Lenovo customers should be very cautious about how they safeguard themselves.
- A new vulnerability enables attackers to run commands with administrative capabilities.
- Needless to say, this may have serious ramifications for everyone concerned.
- The only way to get around this problem is to think about upgrading.
Lenovo laptops are now susceptible to a privilege elevation flaw in the ImControllerService service, which you should be aware of.
As a result of this severe flaw, attackers may be able to run commands with admin capabilities on your Lenovo device.
These issues impact the ImControllerService component of all Lenovo System Interface Foundation versions below 1.1.20.3 and are tagged as CVE-2021-3922 and CVE-2021-3969.
This phenomena is referred to as System Interface Foundation Service while examining the Windows services panel.
Lenovo computers are susceptible to a flaw that grants administrative rights.
Lenovo System Interface Foundation, which allows Lenovo devices interface with universal applications like Lenovo Companion, Lenovo Settings, and Lenovo ID, includes this service.
In addition, the aforementioned service is preloaded on a variety of Lenovo models, including Yoga and ThinkPad laptops.
The Lenovo System Interface Foundation Service offers interfaces for important functionality including system power management, optimization, and driver and application updates.
Information also sends it to Lenovo programs such as Lenovo Companion, Lenovo Settings, and Lenovo ID for system settings.
On October 29, 2021, a group of researchers from NCC Group identified these vulnerabilities and reported them to Lenovo.
The security upgrades were provided on November 17, 2021, and the related alert was posted on December 14, 2021.
System privileges, as the name implies, are the highest user rights available in Windows, allowing a user to execute nearly any command on the operating system.
As a result, if a hostile third party acquires access to Windows system rights, they have total control over the machine and may install malware, create users, and alter practically any system configuration.
The service will then spawn further child processes, each of which will create named pipe servers for communication with the child process through the ImController service.
Unfortunately, the service does not encrypt interactions between privileged child processes and does not verify the source of XML serialized instructions.
What can I do to resolve this issue?
If you want to take things into your own hands and solve this major situation, you can only do so by upgrading.
It is recommended that all Windows users using Lenovo laptops or desktops running ImController version 1.1.20.2 or older update to the most recent version available (1.1.20.3).
Follow these steps to figure out the version you’re running:
- Navigate to C:WindowsLenovoImControllerPluginHost in File Explorer.
- Select Properties from the right-click menu for Lenovo.Modern.ImController.PluginHost.exe.
- Select the Details tab.
- Read the File version of the document.
Removing the ImController component, or the Lenovo System Interface Foundation, from your device is not suggested since it may disrupt certain functionalities, even if it is not deemed critical.
Have you run across any of these issues with your Lenovo setup? Please share your thoughts in the comments box below.
Was this page of assistance to you?
Thank you very much!
There are insufficient details It’s difficult to comprehend Other Speak with a Professional
Start a discussion.
Watch This Video-
Related Tags
- lenovo ideapad 1
- lenovo computer
- is lenovo a good brand