If you haven’t done so yet, we recommend that you update your Lenovo laptop, let’s find out why in the full article
The news was reported on the manufacturer’s website, in the section dedicated to news relating to the same, on official press release speaks of ben 3 specific vulnerabilities, that would have an average security impact in terms of use for malicious purposes, and with a “Privilege escalation“. The news was then promptly reported by ESET security officers, well-known antivirus. They are the very first who have highlighted the risks and discovered the same.
The 3 vulnerabilities in question apparently arise from a flaw in the Firmware level, in particular they could give access to certain areas and to allow modification of the UEFI, which we remember, the latter contains all those code packages that allow the start of the processor and all the basic services. To be clearer, since the flaw is present in a level that occurs well before the full boot of the operating system, and therefore even before the antivirus can startcould allow malicious people to steal personal data by infecting the machine while remaining completely undisturbed.
Some ESET researchers have indeed stated the following;
UEFI threats can be extremely dangerous. Our discovery of these so-called UEFI secure backdoors is proof that in some cases the implementation of UEFI threats may not be as difficult as expected.
If you have a Lenovo laptop, you should upgrade now!
What are the models that could suffer from this flaw? Apparently over 100, including IdeaPad e Legion just to name a few. Vulnerabilities are called;
- CVE-2021-3970
- CVE-2021-3971
- CVE-2021-3972
At the moment the company has already released the security update which should have fixed the problem. The advice is to obviously update the firmware to limit any damage.
Brief focus on vulnerabilities
Starting with the CVE-2021-3970 flaw, it would apparently have the potential to sneak into the suite LenovoVariable SMI Handler and allow a hacker with local access and elevated privileges to execute arbitrary code.
Different and more dangerous still CVE-2021-3971in fact, by acting at the BIOS level, it would allow a hacker with high privileges to modify the firmware protection region by modifying an NVRAM variable, all starting from a simple driver. The last one, CVE-2021-3972, always originating from a Driver, would allow you to change the secure boot setting by modifying an NVRAM variable.
If you want to continue to know the latest news from the software world, keep following us. Greetings from TechGameWorld.com.