Lenovo had identified a flaw in his LSE (Lenovo Service Engine) and delivered an update on 31 July for some his notebooks under Windows. (Credit: DR)
After the episode of adware Superfish a few months ago, Lenovo redone about him to have pre-installed on Windows PCs via its BIOS , tools that the user automatically Reinstalling even after cleaning the computer.
Lenovo’s once again under the spotlight for various tools pre-installed on its computers. This time it is a feature in the BIOS that automatically downloads software related to certain services (Lenovo Service Engine) even when the user has performed a clean install of Windows after cleaning up his computer. Microsoft actually allows this practice, but the problem is that the way the thing is done here can cause a security vulnerability discovered in the spring by an independent security researcher. Microsoft had then contacted recommendations when using this technique (Windows Platform Binary Table) the BIOS. As Lenovo Service Engine device did not meet the manufacturer has removed the tool from its BiOS on all PCs shipped after June The company also delivered a specific deinstallation tool and conducted a its BIOS update on July 31 to remove the tools on some of its notebooks. Tens of PCs are affected but not the Think range, says the manufacturer. There are already a few months, Lenovo had been criticized for some PCs preloaded on the public Superfish adware
.
The revelation of this mechanism raises two issues: further that its existence has been largely ignored, it is questionable whether other vendors PC did not use to silently install their own tools. As mentioned in the site TheNextWeb, Lenovo service was not only about the drivers update, firmware and pre-installation of apps, but also sent system information to a Lenovo server to help the manufacturer understand how customers are using products. Although Lenovo specifies that it does not collect personally identifiable information, users were not warned.
No comments:
Post a Comment