• This serious firmware flaw affects a whole load of Lenovo laptops

    From TechnologyDaily@1337:1/100 to All on Thu Jul 14 19:00:04 2022
    This serious firmware flaw affects a whole load of Lenovo laptops

    Date:
    Thu, 14 Jul 2022 13:52:21 +0000

    Description:
    Three flaws discovered in UEFI firmware on Lenovo laptops allow
    cybercriminals to bypass security solutions and deploy malware

    FULL STORY ======================================================================

    Three serious security vulnerabilities have been discovered, and patched, across a whole slew of Lenovo laptops.

    Cybersecurity experts from ESET uncovered the issue in the ReadyBootDxe
    driver used by some Lenovo notebooks, as well as two buffer overflow issues found in the SystemLoadDefaultDxe driver, potentially allowing threat actors to hijack the startup routine of Windows installations.

    The Yoga, IdeaPad, Flex, ThinkBook, V14, V15, V130, Slim, S145, S540, and
    S940 Lenovo lines are all affected, counting more than 70 endpoint models.

    Improved code

    "These vulnerabilities were caused by insufficient validation of DataSize parameter passed to the UEFI Runtime Services function GetVariable," ESET Research tweeted recently.

    "An attacker could create a specially crafted NVRAM variable, causing buffer overflow of the Data buffer in the second GetVariable call."
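
    The pattern ESET describes, as an added example that is not code from the article, ESET or Lenovo: a mock of GetVariable's in/out DataSize contract, with the unvalidated second call beside a variant that resets DataSize first. The mock, its status codes, the function names and the variable lengths are all constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define EFI_SUCCESS          0   /* mock status codes, not the real EFI values */
#define EFI_BUFFER_TOO_SMALL 5
#define BUF_LEN 16   /* size the driver believes its Data buffer has */
#define ARENA   64   /* Data buffer plus the memory that follows it  */
#define CANARY  0xCC

/* Constructed NVRAM variable: only length and fill byte are modelled.
 * Lengths used here stay below ARENA so the mock itself is memory-safe. */
struct nv_var { size_t len; uint8_t fill; };

/* Mock of GetVariable's size contract: DataSize is in/out. If the caller's
 * size is too small, nothing is copied and DataSize becomes the needed size. */
static int mock_get_variable(const struct nv_var *v, size_t *data_size, uint8_t *data) {
    if (*data_size < v->len) { *data_size = v->len; return EFI_BUFFER_TOO_SMALL; }
    memset(data, v->fill, v->len);   /* stands in for the firmware's copy */
    *data_size = v->len;
    return EFI_SUCCESS;
}

/* Reads two variables into one BUF_LEN buffer and returns how many bytes
 * beyond that buffer were overwritten. reset_size selects the hardened form. */
static size_t read_two(const struct nv_var *a, const struct nv_var *b, int reset_size) {
    uint8_t arena[ARENA];
    size_t data_size = BUF_LEN, spilled = 0;
    memset(arena, CANARY, sizeof arena);

    mock_get_variable(a, &data_size, arena);   /* may enlarge data_size */
    if (reset_size) data_size = BUF_LEN;       /* the missing validation */
    mock_get_variable(b, &data_size, arena);   /* second call trusts data_size */

    for (size_t i = BUF_LEN; i < ARENA; i++) spilled += (arena[i] != CANARY);
    return spilled;
}

/* Constructed inputs: 'crafted' is longer than BUF_LEN, 'normal' fits. */
static const struct nv_var crafted = { 40, 0x41 }, normal = { 8, 0x42 };

int main(void) {
    /* Unvalidated pattern spills 24 bytes; hardened and benign cases spill 0. */
    return !(read_two(&crafted, &crafted, 0) == 24 &&
             read_two(&crafted, &crafted, 1) == 0 &&
             read_two(&normal, &normal, 0) == 0);
}
```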

    The company has also submitted improved code to Binarly's UEFI firmware analyzer 'efiXplorer,' the publication further found, which all interested admins can find on GitHub, for free.

    The vulnerabilities, tracked as CVE-2022-1890, CVE-2022-1891, and CVE-2022-1892, reside in UEFI firmware, and as such, are quite dangerous. Exploiting them allows threat actors to run malware during boot, effectively circumventing any antivirus programs. It also makes malware more persistent, as wiping the disk, which is considered the Hail Mary of virus elimination, doesn't help.

    The silver lining is that not everyone can exploit these flaws - it does require a bit of knowledge. Still, more experienced crooks can wreak major damage.

    To make sure their devices are safe, admins are advised to always keep them
    up to date, on both the software and the hardware side of things, and to keep any software in use updated. Furthermore, having a strong firewall solution helps, as does antivirus.

    Users that don't know exactly which Lenovo model they're using can use the company's automatic online detector here.

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/this-serious-firmware-flaw-affects-a-whole-load-of-lenovo-laptops/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)