Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: info@c2techs.net

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Encryption
    • Backups
  • ABOUT
    • Privacy Policy
FREECONSULT
Wednesday, 06 July 2016 / Published in Woo on Tech

BIOS zero-day impacts Lenovo

Lenovo zero day warning

It wasn’t enough that one tech giant was making hot headlines because their products were literally a fire hazard, now computer manufacturer Lenovo is feeling the burn due to a recently disclosed vulnerability that could have a widespread impact on many of their computers. Dubbed “ThinkPwn” by its discoverer as a play on the popular Lenovo ThinkPad model, this particular weakness seems to impact the entire ThinkPad line going back several years as it’s a flaw embedded in the firmware of the chipset used in dozens of computer models, including, unfortunately, HP and motherboards made by component manufacturer Gigabyte, which are extremely popular amongst build-your-own PC enthusiasts. The ThinkPwn weakness appears within low-level code that provides core security infrastructure to the operating system that runs on top of it. If Microsoft Windows was your house, this code is a big crack in your foundation.

What this means for you:

Neither Lenovo or HP have disclosed which models are affected, but it seems widespread enough that Lenovo has issued an “industry-wide” warning. Presumably all affected manufacturers are working on security fixes, but none are available yet, so if you own an HP or Lenovo (or Gigabyte-powered PC), sit tight, make sure your antivirus is up to date, and remain vigilant.

How did this vulnerability come to impact so many computers? The hardware-layer code that powers the machine-OS interface (BIOS on older machines, UEFI on newer computers) is also written and updated by a small number of companies called Independent BIOS Vendors or IBVs, all of whom use a base set of code from chipset manufacturers like Intel and AMD. Like so many other widespread weakness, the proliferation of the flaw comes from everyone in the industry relying on a core set of code. Thank you, Mass Production!

  • Tweet
Tagged under: bios, lenovo, security, thinkpwn, uefi, zero day

What you can read next

Chip Shortages = Shipping Delays and Backorders
Wi-Fi
Does Wi-Fi endanger our health?
BlackBerry logo
Strategy Pivot for BlackBerry in the Making?

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • Social Media monetizes our need to be social

    Part of our occasional series “The Elepha...
  • Freemail accounts will be hacked

    Most of you know that I do not recommend using ...
  • LastPass Breach is bad news for everyone

    Late in the year, just in time for the holidays...
  • 2023 – Approach with Caution

    Traditionally I like my year-end messages to be...
  • Privacy sign

    Popular tax apps leaked your data to Facebook

    While it shouldn’t come as a surprise to any of...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP