Lenovo Support Software Allowed for Malicious Code, Now Fixed - The UpStream

Lenovo Support Software Allowed for Malicious Code, Now Fixed

posted Saturday Jun 25, 2016 by Scott Ertz

Lenovo Support Software Allowed for Malicious Code, Now Fixed

One of the topics we talk about a lot here is personal security and for good reason: There are lots of ways to get harmed through technology. Whether it be a malicious ad on a website, an attachment in an email or an app in an app store, if someone wants your information there are plenty of ways to get it. Over the years Microsoft has tried to prevent that in Windows, but it requires everybody involved to be responsible and observant.

This week Lenovo announced that they had not fulfilled their end of the bargain. 2 flaws found in Lenovo Solution Center, a product that comes preinstalled on many of their computers, were found to make it easy for third parties to steal data off of Lenovo computers. This was done by giving would be hackers the ability to bypass Microsoft's User Account Controls.

UAC is Microsoft's way of ensuring that the person sitting at the computer means to do the thing that's about to happen. For example when you install software you get the yellow dialogue asking if you mean to do this. Almost every account on a computer has some sort of UAC limitation.

One of the few that does not is LocalSystem. This is an account created by Microsoft, designed specifically for Windows to be able to do things in the background without having to bother the user. One of the issues from Lenovo gives any user the ability to route commands through LocalSystem instead of their own user.

Obviously this issue does not create a problem on its own. What it does is gives third party software the ability to take advantage of a lapse in security. For example if you were to accidentally click on a bad link on a website, this exploit could install software on your computer without you knowing - The whole reason that UAC exists.

The second flaw allows the same software to install without other alarm bells going off. It allows a user to terminate an existing process without permission. So for example if a third party wanted to install hijacking software on your computer your antivirus would probably prevent it. That is unless the hijacking software terminated your antivirus before installing.

This is not Lenovo's first bout with major security problems. Last year the company made headlines for Superfish, another product that came preinstalled on their computers which turned out to be adware. Because of these security issues, Lenovo has become the face of why you should uninstall the preinstalled software on your phone, computer and tablet.

If you don't plan on uninstalling the included software do you make sure that your automatic updates are turned on, which they should always be. This will allow them to patch these problems as they occur, which Lenovo has done this week.


Login to CommentWhat You're Saying

Be the first to comment!

We're live now - Join us!



Forgot password? Recover here.
Not a member? Register now.
Blog Meets Brand Stats