Hello Guest, welcome to torrentinvites.org - Your #1 source for Torrent Invites!
CLICK HERE to register for free and gain full access to TI.org!
Torrent Invites! Buy, Trade, Sell Or Find Free Invites, For EVERY Private Tracker! HDBits.org, BTN, PTP, MTV, Empornium, Orpheus, Bibliotik, RED, IPT, TL, PHD etc!
-
Lenovo Accused Of ‘Massive Security Risk’ By Researchers
The IOActive researchers reported that Lenovo devices software has serious security flaws and vulnerabilities that can be easily exploited by cybercriminals for installing malware.
Globally active Chinese PC manufacturer Lenovo has been accused by researchers for running a “massive security risk” when experts identified exploitable flaws in its software.
Reportedly, security Firm IOActive’s researchers discovered vulnerabilities in Lenovo software and alerted the company in February 2015. However, the findings were made public only recently.
Researchers believe that three vulnerabilities can be easily exploited by cybercriminals for installing malware on user’s PC and thus, the flaw can provider attackers with full control of the system.
The findings were not just acknowledged by Lenovo but the manufacturer urged users to download and install a patch, which was released in April, for preventing such risks.
IDENTIFIED FLAWS:
One of the three flaws lets both remote and local attackers to “bypass signature validation checks and replace trusted Lenovo applications with malicious applications”, reported the researchers.
This flaw can potentially expose Lenovo users to the “coffee shop attacks” that lets attacker takeover a connection to any public Wi-Fi.
Researchers also stated that the attacker can easily “exploit this to swap Lenovo’s executables with a malicious executable.”
The remaining two flaws allow attackers to acquire a higher level of control over any system that they usually can. This way, they can easily run malicious commands, says Professor Alan Woodward, Surrey University’s security expert.
According to Woodward “Lenovo have been found wanting again on the security front. They seem to be exposing users to potential remote hacking this time. Very disappointing!”
He added that Lenovo was “building a lamentable record for security.”
Lenovo was forced to eliminate hidden “Superfish” adware that was pre-installed on its machines, which compromised users’ security.
As per Lenovo spokesman its security and development teams has been working with IOActive on the identified vulnerabilities in its system’s update feature.
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules