Your Lenovo Is Vulnerable to a New Malware Attack

Image for article titled Your Lenovo Is Vulnerable to a New Malware Attack

Photo: Lukmanazis (Shutterstock)

Lenovo laptop users need to install critical security patches right away to fix several major vulnerabilities that leave their device open to dangerous malware attacks.

Why are Lenovo laptops vulnerable?

According to a recent Lenovo security bulletin, there are multiple bugs present in the Unified Extensible Firmware Interface (UEFI) in over 100 of the manufacturer’s laptop models that hackers could use to write and install modified firmware with hidden malware, which in turn opens the device—and the data on it—to further exploitation. Given the nature of the bugs, it would be virtually impossible to find and remove the modified firmware or the hidden malware installed on an infected device.

How can a hacker exploit my Lenovo’s security?

While serious, a hacker would need local administrator-level access to successfully exploit the UEFI vulnerabilities, which is only possible with either physical access to an affected device or remote access through a virtual desktop program. Anyone with cursory cybersecurity knowledge will recognize the threat such bugs could pose to enterprise-level Lenovo users and corporations that let employees use work machines remotely, but according to the list of affected devices, the vulnerabilities only appear on consumer-level Lenovo laptops where it’s far less likely for some random threat actor to achieve the necessary access.

As Ars Technica points out, there are only a few known instances of UEFI firmware hijackings: The infamous Trickbot malware; the “Lojax” malware written by Russian state hacker group Sednit; and a custom UEFI the cybersecurity firm Kaspersky discovered in 2018, though the only two targets were political figures from Asia.

So do I need to worry?

While it’s improbable to exploit these bugs in the wild, there’s still cause for concern for the average user. Hackers often dupe unsuspecting users into installing remote desktop software on their computers without realizing it, usually through phishing scams, fake ads, or modified download files. In some cases, hackers can even elevate their user privileges to install apps and firmware remotely—and the millions of unpatched Lenovo laptops…