This app facilitates the users in checking the status of virus and firewalls in their systems, updating their software, having backups, having a check on battery health, run hardware tests and also get information regarding the registration and warranty of the system. The cure for this system disease is Lenovo Solution Center, a pre-installed application on Lenovo laptops and desktops. With obvious outcome, the attackers halts all the requests and sends malware viruses to the system creating major security issue. The computers affected by this vulnerability cannot encrypt any update that has been downloaded through HTTP connections. Your system’s privacy will not be compromised. Yes, the threat which would allow attackers to implement code with system rights and hijack system has now been resolved. This scenario might be scary enough for new PC buyers, but the good thing is, a way has been found to fix this disaster. For your own safety it is advised to install a clean version of windows on new systems instead of relying on the already installed. One can uninstall it by clicking on ‘Apps and Features’ in Windows 10, then selecting Lenovo Accelerator Application followed by clicking on the “Uninstall” option. If a user opens a malicious site or fake URL while this app is running in the background the user may be affected even when the app is not running. Issues were discovered by Lenovo’s backend services, which pointed out how this app gives any local user the pass to execute any random code with SYSTEM level privileges. As customer’s security and privacy is the first priority which should never be compromised. They have testing all the affected tools and will soon give a permanent fix to solve this issue permanently. However, all the five companies were thankful to the Duo Security for pointing out this serious vulnerability to them. But Dell was the only one to give a statement about the whole issue and recently Lenovo has fixed the issue while the rest three are still to give an official statement about this whole issue. Lenovo − It has one risk issue it allows random code execution.Īll these companies were asked to report regarding this issue. But five different medium, to lower these risks were also discovered. HP − It accompanies two risk flaws which leads to random code execution. Let us discuss the security flaws in each one of them –Īcer − Only flaw is it allows a third party for random code execution.Īsus − It permits random code execution along with one medium severity local privilege issue.ĭell − It has one risk flaw that is absence of certificate best practices which is also known as eDellRoot. Hence, Lenovo started requesting all its user to uninstall Lenovo Accelerator Application. They were Acer, ASUSTek computer, Lenovo, Dell and HP. Till date, Live Agent is considered as the worst software update since the brand was visible in five different manufacturers. In-short all your files and system settings with higher permission could be obtained by some unknown software. This problem is so scary, this gives a third party access to your system resources which are usually locked or protected, which we consider as private, secure from any interferences by the system and the user as well. Like an insecure Wifi connection that may trick the Live Agent into downloading and executing the malware. This gives the attackers a gateway to intercept user’s traffic. In addition to this also note that, Live agent does not validate the digital signatures of the files which are downloaded before running them. The company discovered a process called Live Agent which is an updated component of Lenovo Accelerator component which doesn’t use encrypted connection while downloading or checking for updates. This threat was pointed out by researchers while analyzing the OEM software update tools from five different PC manufacturers. But, lately Lenovo is recommending all its users to remove a preloaded application from their systems because of serious flaw that would permit attackers on their systems. Whenever we think about buying a new computer or lappy, the first brand that strikes is Lenovo. Some of these may also be unwanted like the support tools installed by Lenovo. These are also known as “bloatware” as it just fills the disk space regardless of the user’s wish to have it in the new system or not. Whenever we buy a new lappy or computer we get a pool of softwares pre-installed in the system.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |