Lenovo computers have another ‘massive security risk’

Lenovo computers have another ‘massive security risk’

Three months ago, Lenovo got into trouble over Superfish, a software add-on which was to bring up extra ads but instead carried a serious security flaw, allowing any hacker to carry out man-in-the-middle attacks remotely.

Now another major security flaw has emerged, allowing hackers to bypass security checks, replace Lenovo software with their own and issue commands remotely.

The security firm IOActive discovered the flaw back in February and informed Lenovo of the problem who then issued a patch at the beginning of April.

Describing it as a “massive security risk”, one issue would allow basic user profiles to be changed so they gain admin-level access to a PC, allowing them to run any programmes or commands they wish.

Another issue would allow remote attackers to replace trusted Lenovo applications with their own malicious versions by creating fake certificates for files.

While a patch has been issued, users still need to download the update themselves so if you have System Update 5.6.0.27 or earlier on your Lenovo computer, you need to update it otherwise you’re at risk.

‘Dave was my rock’: Sheryl Sandberg takes to Facebook to remember her husband

Skype may be about to get a name change

Our goal is to create a safe and engaging place for users to connect over interests and passions. In order to improve our community experience, we are temporarily suspending article commenting