THEM Lenovo Important updates to fix were made available on Thursday (10) Security flaws in the firmware of laptops from the Yoga, ThinkPad and Ideapad seriesis marketed worldwide by the company. The issues were discovered by researchers from cybersecurity company ESET.
According to the report, the vulnerabilities were caused by a bug made by the Chinese manufacturer that included faulty drivers in the manufacture of the laptops. Because of this flaw, attackers Disable the UEFI Secure Boot toolIt is responsible for ensuring that no malicious code is loaded during computer startup.
if investigated Security vulnerabilities in Lenovo laptops It can allow cybercriminals to circumvent the protection offered by installing and running malware before the operating system is activated. The app also makes it possible for the malicious agent to survive software reinstalls, making it difficult to remove.
The spaces were cataloged as follows: CVE-2022-3430🇧🇷 CVE-2022-3431 and CVE-2022-3432🇧🇷 The latest vulnerability (last 3432) by the brand affects only one laptop model, the Ideapad Y700-14ISK, which is no longer supported and will therefore not receive a fix.
affected models
if you have one Laptop from Lenovo’s ThinkPad, Ideapad or Yoga series The recommendation is to check if the device is among the affected versions by accessing the brand’s support website. If the device appears among those listed, it will be necessary to download and install the fix released by the company.
Errors are fixed by updating the laptop’s BIOS by downloading the file package for your model. All instructions for performing the procedure are available on the page.
A similar issue was spotted by the company in the first half of this year, when more than 100 laptop models were exposed due to an issue. device UEFI firmware error🇧🇷 The solution also came with the installation of hotfix patches.
Source: Tec Mundo