Lenovo System Update Vulnerability

General Questions, Rumors, Real news & More
Post Reply
Message
Author
UMPC2024
Sophomore Member
Posts: 147
Joined: Sun Nov 24, 2013 1:18 am
Location: Portland, OR surrounding areas

Lenovo System Update Vulnerability

#1 Post by UMPC2024 » Thu May 07, 2015 1:16 am

Just came across this article, but not sure how much it applies.
http://www.theverge.com/2015/5/6/855788 ... -in-lenovo
I personally stopped using Lenovo System update to do anything on my ThinkPads.
Thoughts?

600X
Senior Member
Senior Member
Posts: 683
Joined: Tue May 21, 2013 3:31 am
Location: Burlington, NC

Re: Lenovo System Update Vulnerability

#2 Post by 600X » Thu May 07, 2015 1:48 am

I've never liked system update, it only caused problems. So I haven't been using it anyway. I've told people not to use it, but they didn't listen. This is what they get. :lol:
Daily: T440s
Classics: 600X (850MHz), A31p (FlexView), X41, T60 (LED FlexView), R61 (QXGA FlexView), X301 (AFFS)

Puppy
Senior ThinkPadder
Senior ThinkPadder
Posts: 2256
Joined: Sat Oct 30, 2004 4:52 am
Location: Prague, Czech Republic

Re: Lenovo System Update Vulnerability

#3 Post by Puppy » Thu May 07, 2015 4:55 am

It is not a remote attack, after all: https://support.lenovo.com/us/en/produc ... _privilege

Lenovo System Update validates all system update files as they are downloaded from the Lenovo servers. However, if the local system contains malware, it is possible that the downloaded updates could be altered before installation creating a race condition. The latest Lenovo System Update release eliminates this possibility.

It is rather embarrassing issue revealing there is no good QA and code review in Lenovo software department.
ThinkPad (1992 - 2012): R51, X31, X220, Tablet 8

Post Reply
  • Similar Topics
    Replies
    Views
    Last post

Return to “GENERAL ThinkPad News/Comments & Questions”

Who is online

Users browsing this forum: No registered users and 3 guests