Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: info@c2techs.net

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Encryption
    • Backups
  • ABOUT
    • Privacy Policy
FREECONSULT
Wednesday, 06 July 2016 / Published in Woo on Tech

BIOS zero-day impacts Lenovo

Lenovo zero day warning

It wasn’t enough that one tech giant was making hot headlines because their products were literally a fire hazard, now computer manufacturer Lenovo is feeling the burn due to a recently disclosed vulnerability that could have a widespread impact on many of their computers. Dubbed “ThinkPwn” by its discoverer as a play on the popular Lenovo ThinkPad model, this particular weakness seems to impact the entire ThinkPad line going back several years as it’s a flaw embedded in the firmware of the chipset used in dozens of computer models, including, unfortunately, HP and motherboards made by component manufacturer Gigabyte, which are extremely popular amongst build-your-own PC enthusiasts. The ThinkPwn weakness appears within low-level code that provides core security infrastructure to the operating system that runs on top of it. If Microsoft Windows was your house, this code is a big crack in your foundation.

What this means for you:

Neither Lenovo or HP have disclosed which models are affected, but it seems widespread enough that Lenovo has issued an “industry-wide” warning. Presumably all affected manufacturers are working on security fixes, but none are available yet, so if you own an HP or Lenovo (or Gigabyte-powered PC), sit tight, make sure your antivirus is up to date, and remain vigilant.

How did this vulnerability come to impact so many computers? The hardware-layer code that powers the machine-OS interface (BIOS on older machines, UEFI on newer computers) is also written and updated by a small number of companies called Independent BIOS Vendors or IBVs, all of whom use a base set of code from chipset manufacturers like Intel and AMD. Like so many other widespread weakness, the proliferation of the flaw comes from everyone in the industry relying on a core set of code. Thank you, Mass Production!

  • Tweet
Tagged under: bios, lenovo, security, thinkpwn, uefi, zero day

What you can read next

iOS 6 logo
Apple Updates iOS to Version 6
Can you spare some CPU cycles?
Windows 10
Microsoft breaks millions of webcams with Win 10 update

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • Update your tech vocabulary for 2023

    If there is one thing that the Internet excels ...
  • We sold our souls, but not how you might think.

    Part of an occasional series of articles that d...
  • “Low on Cyan.”*

    If you catch me at the end of a frustrating day...
  • GPTBot starts crawling the web. Resistance is futile.

    I know some of you are Trekkies, and even if yo...
  • Surprise, surprise. Hackers are using AI to bolster their attacks.

    The FBI held a press conference last week to co...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP