Lenovo recently released a new version of the system software update that fixes several vulnerabilities which attackers could increase their user rights. Something that is especially a problem in corporate environments, said Martin Rakhmanov from security firm Trustwave.
He discovered can perform one of the vulnerabilities could allow a user who has access to a system can read and delete arbitrary files, as well as assignments as manager. The leak of Rakhmanov does not stand alone. In recent months, were discovered several vulnerabilities in the "System Update Software". The software is installed on most Lenovo computers and checks for new versions of drivers and other software. Using the software, users can also download and install updates.
The leak that Rakhmanov discovered, according to the researcher, especially in corporate environments is a serious problem, since the Lenovo software is installed on each workstation Lenovo. Administrators therefore be advised to version 5.07.0013 to update.
No comments:
Post a Comment