When it comes to security, you like to think that your computers are at least the little bit safe from people who might want to cause you harm. We are reminded on a weekly basis that this may not be true as companies are hacked, accounts are sold online and software is hacked. The latest of these is a breach that sees Lenovo’s ThinkPads suffering from a zero-day firmware issue that could leave the laptops exposed to all kinds of security risks.
The zero-day exploit is courtesy of a privilege escalation flaw found within the Unified Extensible Firmware Interface (UEFI) driver. The exploit, titled ThinkPwn, was published by researcher Dmytro Oleksiuk and would allow hackers to execute code as if they were part of the System Management Mode (SMM). The SMM is typically reserved as a privileged operating mode for the CPU.
The flaw could be used to disable features such as Secure Boot, something that helps protect your computers against boot-level rootkits. According to Lenovo, the flaw was not in their unique version of the UEFI but rather in an implementation provided to the company. As a precaution, Lenovo has stated that they are now working with various companies to rule out any additional issues in the BIOS code provided to the company.
If you play DnD and if you play DnD online there is a very high…
The new patch for Dragons Dogma 2 is here and it has fixed many of…
With unprecedented new performance hybrid architecture, 12th Generation Intel® Core™ processors offer a unique combination…
Leveraging more than 14 years of professional PC building know how, NZXT has provided the…
Everest Max is the last word in mechanical keyboards with modularity and customization unlike any…
G502 X PLUS is the latest addition to legendary G502 lineage. Reinvented with our first-ever…