Windows users have been put on alert after security experts discovered malware on millions of laptops that is almost impossible to remove.
And if you’re wondering if your device has been affected and how to keep it safe, here’s what you need to know.
More than 100 Lenovo laptops appear to be affected by three critical vulnerabilities that allow hackers to covertly install malware, which is nearly impossible to remove or even detect. The vulnerabilities allow hackers to modify the computer’s Unified Extensible Firmware Interface (UEFI), which is the first piece of software that runs when the computer is turned on.
UEFI is the link between a computer’s firmware and the operating system, and is located on the motherboard of the PC itself, making UEFI troubleshooting difficult and even difficult to remove.
read more
Xiaomi reveals the specifications of its new competitor phone that will work with 5G networks
Xiaomi reveals the specifications of its new competitor phone that will work with 5G networks
The study, conducted by ESET, found vulnerabilities in more than 100 different models of Lenovo laptops including affordable devices such as the Ideapad-3, to more advanced devices such as the Legion 5 Pro-16ACH6 H or Yoga Slim 9-14ITL05.
Lenovo was informed of ESET’s findings last October, with the Chinese tech giant releasing an update this month that should keep affected users safe. Speaking about the threat in an online post, ESET said: “UEFI threats can be very hidden and dangerous. They are executed early in the boot process, before control is transferred to the operating system, which means they can bypass all security measures.”
While the vast majority of affected devices are laptops still receiving updates, there are a number of models – including the Ideapad 330-15IGM and Ideapad 110-15IGR – that will not receive patches as they reach End of Development Support (EODS).
Advice to affected users on how to stay safe, ESET said: “We strongly advise all owners of Lenovo laptops to check the list of affected devices and update their firmware, ideally following the manufacturer’s instructions. For those using affected end-of-development support (EODS) devices With CVE-2021-3972, WITHOUT ANY FIXES AVAILABLE: One of the things that can help you protect against unwanted modification of the UEFI Secure Boot state, is to use TPM Aware – a disk encryption solution capable of making disk data inaccessible if UEFI Secure Boot Configuration Changed”
You may also be interested in: