Description

Researchers from security firm ESET say in many numbers Lenovo laptops discovered vulnerabilities that could disable the secure boot system in them.

Lenovo laptops have three dangerous vulnerabilities that may not be resolved by the update. According to the company, two vulnerabilities may be resolved by receiving the update, but Lenovo has yet to make a decision to fix the latest vulnerability.

ESET security researcher says: About a few months ago I noticed a UEFI vulnerability on Lenovo laptop. A set of three vulnerabilities have been discovered on these laptops, according to NeoWin. The operating system of these laptops by default is Windows 10 and Windows 11. Lenovo has released more details of these vulnerabilities. According to the company, their databases are known as CVE-2022-3430, CVE-2022-3431 and CVE-2022-3432.

In response to these vulnerabilities, Lenovo said the vulnerability was created at the time of construction and for testing on a number of laptops and has not been resolved. Other vulnerabilities are also seen in the old Y700 and 141SK models.

One of the vulnerabilities detected when running the driver can be used by hackers so that it is possible to disable the secure boot system and modify the NVRAM values.

After this, Lenovo announced to users to update their laptop bios. But old laptops will no longer be supported due to the end of the update time.