304 North Cardinal St.
Dorchester Center, MA 02124
Lenovo has released security patches for bugs in its devices including ThinkPad, Notebook and desktop computers
The company urged users to update to the latest security patch to keep their systems safe.
The update fixed security for BIOS security vulnerabilities from various vendors that could cause information disclosure, privilege escalation, and denial of service on affected systems.
Earlier on Monday, the Indian Computer Emergency Response Team (CERT-In) issued notes on bugs found in Lenovo products urging users to apply the relevant security updates.
Wide-impact vulnerabilities were found in the security of the BIOS, which is used to start the computer after it is turned on. These bugs have been categorized as high severity by Lenovo and CERT-In.
However, the bugs did not affect all Lenovo products, the company said on its security blog.
Error posting information
A disclosure bug has been found in the TianoCore EDK II BIOS. Similar bugs were also found in the System Management Interrupt (SMI), BIOS SMI Handler password settings, the USB SMI intelligent protection handler, and the System Management Interrupt (SMI) handler used to configure platform settings via Windows Management Instrumentation, according to CERT-In.
Locally authenticated attackers could exploit these flaws by sending specially crafted requests that would compromise the security of affected systems.
A local authenticated attacker includes all users with a system username and password, as well as individuals using non-password-protected accounts such as guest accounts.
The flaw would allow such users to increase their reach within systems and run arbitrary code, bypassing security restrictions and gaining access to sensitive information on affected systems.
A buffer overflow vulnerability
Another bug affecting buffer overflows was also found.
The bug was found to exist due to a buffer overflow error in the WMI SMI Handler that was used to configure platform settings on some Lenovo models.
It could be exploited by local authenticated attackers to send specially crafted requests and overflow the program buffer and overwrite adjacent memory locations.
Attackers could also use it to run arbitrary code on affected systems.