Lenovo Removes Another Pre-Installed Feature over Security FearsAdded: Tuesday, August 18th, 2015
Category: Bit Torrent Freedom > The Industries Of Records, Gaming, Software, Movies
Tags:ET, p2p, Torrent, Piracy, Peer To Peer, Network, Hackers, Internet, BitTorrent, Google, utorrent, bitcomet, extratorrent, www.extratorrent.cc, 2015
Half a year ago, Lenovo had to apologize to its consumers for pre-installing security-busting malware Superfish on its laptops. Today the company has again had to remove another pre-installed feature from its machines over security fears.
This time, the component is called the “Lenovo Service Engine (LSE)” and is built into BIOS. This feature launches after the machine is turned on and replaces Microsoft’s start-up diagnostics program with Lenovo’s version. The latter does all the same things as Microsoft’s, and two more: it makes sure that Lenovo’s own software update tools are still present on the PC or laptop and re-installs them if they were removed. Then the software update tools run to download and install drivers to keeping the machine up to date, along with other software preinstalled on Lenovo devices – the so-called “crapware”.
Like the earlier controversial feature, the LSE also provides almost no benefits to the end user: the software is buried so deeply into the system that it’s very hard to remove. And it also goes beyond annoyance, into pure security vulnerability: the researchers discovered how to use it to perform a “privilege escalation” attack. The latter would allow a hacker to gain greater control over a vulnerable machine.
So, Lenovo had to release updates to uninstall the LSE code, both for laptops and desktops. The company announced the release of Lenovo Product Security Advisories highlighting the new BIOS firmware. The computer manufacturer strongly recommended its users update their systems with the latest BIOS firmware. Lenovo also published a list of the affected models. It is known that no ThinkPad range of business machines was affected.
Shortly after that, Microsoft released new guidelines on how software like LSE should work, thus literally banning Lenovo from shipping it. Microsoft said that Lenovo’s use of LSE was not consistent with the updated guidelines and therefore cannot be installed on Lenovo systems any longer. Microsoft also recommended all users update their systems with the new BIOS firmware, which disables or removes LSE.
By the way, last time Lenovo promised to install no more bloatware on its devices. However, as the most recent problem shows, understanding of what exactly that entails varies.
Tuesday, August 18th, 2015
|Of course the easiest thing to do is not use garbage OS's like Windows... Run Ubuntu. Windows are things than can be opened or smashed, where bad people climb through.|
Only when people don't know how to use Windows OS properly. I am using Windows OS since the past 21 years and have no complaints.
Most Popular Stories