“Non-removable” malware infects millions of laptops! Al-Manar TV website – Lebanon

Windows users have been put on alert following security experts discovered malware on millions of laptops that is almost impossible to remove.

And if you’re wondering if your device has been affected and how to keep it safe, here’s what you need to know.

More than 100 Lenovo laptops appear to be affected by three critical vulnerabilities that allow hackers to covertly install malware, which is nearly impossible to remove or even detect. The vulnerabilities allow hackers to modify the computer’s Unified Extensible Firmware Interface (UEFI), which is the first piece of software that runs when the computer is turned on.

UEFI is the link between a computer’s firmware and the operating system, and is located on the motherboard of the PC itself, making UEFI troubleshooting difficult and even difficult to remove.

The study, conducted by ESET, found vulnerabilities in more than 100 different models of Lenovo laptops including affordable devices such as the Ideapad-3, to more advanced devices such as the Legion 5 Pro-16ACH6 H or Yoga Slim 9-14ITL05.

Lenovo was informed of ESET’s findings last October, with the Chinese tech giant releasing an update this month that should keep affected users safe. Speaking regarding the threat in an online post, ESET said: “UEFI threats can be hidden and very dangerous. It is executed early in the boot process, before control is transferred to the operating system, which means it can bypass all security measures.”

While the vast majority of affected devices are laptops that are still receiving updates, there are a number of models – including the Ideapad 330-15IGM and Ideapad 110-15IGR – that will not receive patches as they reach end of development support (EODS).

Advice to affected users on how to stay safe, ESET said: “We strongly advise all owners of Lenovo laptops to check the list of affected devices and update their firmware, ideally following the manufacturer’s instructions. For those using End of Development Support (EODS) devices affected by CVE-2021-3972, without any available fixes: One of the things that can help you protect once morest unwanted modification of the UEFI Secure Boot state, is to use TPM-aware. Disk encryption solution is able to make disk data inaccessible if UEFI Secure Boot configuration changes.

Source: Express

Leave a Replay