Lenovo Update Fixes Two High-Risk Security Flaws
| Phenny Lynn Palec | | Jun 27, 2016 04:17 AM EDT |
(Photo : Reuters) Chinese tech company Lenovo recently rolled out a patch in order to fix two high-severity vulnerabilities in its Lenovo Solution Center support tool.
Chinese tech company Lenovo recently rolled out a patch in order to fix two high-severity vulnerabilities in its Lenovo Solution Center support tool. The tool is preinstalled on many laptops and desktop computers manufactured by Lenovo, which is why the company considered it as a high priority update.
Like Us on Facebook
Lenovo said that the patch will fix the flaw that allows hackers to remotely control a computer and terminate antivirus programs running on it in order to avoid detection. The Lenovo Solution Center is a nifty tool that allows users to easily check the status of their computer's firewall, antivirus programs, as well as update their Lenovo software, perform backups, run hardware tests, acquire registration and warranty details, and check battery information.
The two vulnerabilities on Lenovo's support tool were tracked as CVE-2016-5248 and CVE-2016-5249 and were posted on the Common Vulnerabilities and Exposures database. The two flaws were first discovered by security researchers working for Trustwave.
Moreover, the vulnerabilities affect Lenovo Solution Center version 3.3.002 and earlier.
The CVE-2016-5249 allows hackers who already have control of a limited account running on a desktop computer to execute malicious codes through the LocalSystem account, which requires a higher privilege permission.
The other vulnerability, CVE-2016-5248, allows any local user to send a command to the LSC Services system, which can be used to terminate other processes running on the system, regardless of permission privilege. Security researchers found out that the target process could cover any running application, but hackers tend to target antivirus programs and security applications most of the time in order to avoid detection.
These two recently discovered flaws were not the first to be discovered in the Lenovo Solution Center. However, over the years, Lenovo has been consistently on time in patching these vulnerabilities before they can be exploited by malicious users.
The Lenovo Solution Center was even praised by many security analysts for being one of the most secure update tools that is preinstalled on computers.
TagsLenovo, Lenovo patch, Lenovo hack, Lenovo security news, Lenovo hacks, Lenovo Update, Lenovo new patch
©2015 Chinatopix All rights reserved. Do not reproduce without permission
EDITOR'S PICKS
-
Did the Trump administration just announce plans for a trade war with ‘hostile’ China and Russia?
-
US Senate passes Taiwan travel bill slammed by China
-
As Yan Sihong’s family grieves, here are other Chinese students who went missing abroad. Some have never been found
-
Beijing blasts Western critics who ‘smear China’ with the term sharp power
-
China Envoy Seeks to Defuse Tensions With U.S. as a Trade War Brews
-
Singapore's Deputy PM Provides Bitcoin Vote of Confidence Amid China's Blanket Bans
-
China warns investors over risks in overseas virtual currency trading
-
Chinese government most trustworthy: survey
-
Kashima Antlers On Course For Back-To-Back Titles
MOST POPULAR
LATEST NEWS
Zhou Yongkang: China's Former Security Chief Sentenced to Life in Prison
China's former Chief of the Ministry of Public Security, Zhou Yongkang, has been given a life sentence after he was found guilty of abusing his office, bribery and deliberately ... Full Article
TRENDING STORY
China Pork Prices Expected to Stabilize As The Supplies Recover
-
Elephone P9000 Smartphone is now on Sale on Amazon India
-
There's a Big Chance Cliffhangers Won't Still Be Resolved When Grey's Anatomy Season 13 Returns
-
Supreme Court Ruled on Samsung vs Apple Dispute for Patent Infringement
-
Microsoft Surface Pro 5 Rumors and Release Date: What is the Latest?
