Physical Address

304 North Cardinal St.
Dorchester Center, MA 02124

We use cookies to ensure that we give you the best experience on our website.
Lenovo releases security fixes for bugs in its devices

Lenovo releases security patches for bugs in its devices  

Lenovo releases security fixes for bugs in its devices
lenovo releases security fixes for bugs in its devices

Lenovo has released security patches for bugs in its devices including ThinkPad, Notebook and desktop computers

The company urged users to update to the latest security patch to keep their systems safe.

The update fixed security for BIOS security vulnerabilities from various vendors that could cause information disclosure, privilege escalation, and denial of service on affected systems.

Earlier on Monday, the Indian Computer Emergency Response Team (CERT-In) issued notes on bugs found in Lenovo products urging users to apply the relevant security updates.

Wide-impact vulnerabilities were found in the security of the BIOS, which is used to start the computer after it is turned on. These bugs have been categorized as high severity by Lenovo and CERT-In.

However, the bugs did not affect all Lenovo products, the company said on its security blog.

Error posting information

A disclosure bug has been found in the TianoCore EDK II BIOS. Similar bugs were also found in the System Management Interrupt (SMI), BIOS SMI Handler password settings, the USB SMI intelligent protection handler, and the System Management Interrupt (SMI) handler used to configure platform settings via Windows Management Instrumentation, according to CERT-In.

Locally authenticated attackers could exploit these flaws by sending specially crafted requests that would compromise the security of affected systems.

A local authenticated attacker includes all users with a system username and password, as well as individuals using non-password-protected accounts such as guest accounts.

The flaw would allow such users to increase their reach within systems and run arbitrary code, bypassing security restrictions and gaining access to sensitive information on affected systems.

A buffer overflow vulnerability

Another bug affecting buffer overflows was also found.

The bug was found to exist due to a buffer overflow error in the WMI SMI Handler that was used to configure platform settings on some Lenovo models.

It could be exploited by local authenticated attackers to send specially crafted requests and overflow the program buffer and overwrite adjacent memory locations.

Attackers could also use it to run arbitrary code on affected systems.

Sanjit
Sanjit

I am Sanjit Gupta. I have completed my BMS then MMS both in marketing. I even did a diploma in computer software and Digital Marketing.

Articles: 4820

Newsletter Updates

Enter your email address below to subscribe to our newsletter

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Trending now

Windows 11 Dev Beta Insider Program 10.0.22581.1 (ni_release) 220318-1623Online Taxi Services Advantages/Disadvantages in shortTOP 10 SEO Techniques to Improve Search Rankings in 2021Real estate sells like NFT for about $ 1 million
%d bloggers like this: