1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Firmware exploit can defeat new Windows security features on Lenovo ThinkPads

Discussion in 'Network World' started by RSS, Jul 1, 2016.

  1. RSS

    RSS New Member Member

    A newly released exploit can disable the write protection of critical firmware areas in Lenovo ThinkPads and possibly laptops from other vendors as well. Many new Windows security features, like Secure Boot, Virtual Secure Mode and Credential Guard, depend on the low-level firmware being locked down.

    The exploit, dubbed ThinkPwn, was published earlier this week by a researcher named Dmytro Oleksiuk, who did not share it with Lenovo in advance. This makes it a zero-day exploit -- an exploit for which there is no patch available at the time of its disclosure.

    ThinkPwn targets a privilege escalation flaw in a Unified Extensible Firmware Interface (UEFI) driver, allowing an attacker to remove the flash write protection and to execute rogue code in the SMM (System Management Mode), a privileged operating mode of the CPU.

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page