Lenovo used shady 'rootkit' tactic to quietly reinstall unwanted software

Lenovo used shady 'rootkit' tactic to quietly reinstall unwanted software

تاریخ ایجاد

Number: IRCNE2015082608
Date: 2015/08/24

According to “computerworld”, Lenovo has been caught using a technique, often used by some malware to withstand being deleted, to reinstall unwanted software on the computers it sells.
As reported on a number of forums and news-sharing sites, some users have accused the computer maker of overwriting Windows files to ensure its own-brand software and tools were installed -- even after a clean install of the operating system.The issue was first reported as early as May, but was widely reported Tuesday.
The "rootkit"-style covert installer, dubbed the Lenovo Service Engine (LSE), works by installing an additional program that updates drivers, firmware, and other pre-installed apps. The engine also "sends non-personally identifiable system data to Lenovo servers," according to the company. The engine, which resides in the computer's BIOS, replaces a core Windows system file with its own, allowing files to be downloaded once the device is connected to the internet.
In a July 31 security bulletin, the company warned the engine could be exploited by hackers to install malware. The company issued a security update that removed the engine's functionality, but users must install the patch manually.
Many Yoga and Flex machines (among others) running Windows 7, Windows 8, and Windows 8.1 are affected by the issue. Business machines, such as Think-branded PCs, are not affected.

برچسب‌ها