Lenovo ThinkPads Open To Zero-Day Firmware Exploit
Gareth Andrews / 8 years ago
When it comes to security, you like to think that your computers are at least a little bit safe from people who might want to cause you harm. We are reminded on a weekly basis that this may not be true as companies are hacked, accounts are sold online and software is compromised. The latest of these is a breach that sees Lenovo’s ThinkPads suffering from a zero-day firmware issue that could leave the laptops exposed to all kinds of security risks.
The zero-day exploit is courtesy of a privilege escalation flaw found within a Unified Extensible Firmware Interface (UEFI) driver. The exploit, titled ThinkPwn, was published by researcher Dmytro Oleksiuk and would allow hackers to execute code in System Management Mode (SMM). SMM is a privileged operating mode of the CPU that is typically reserved for firmware.
The flaw could be used to disable features such as Secure Boot, something that helps protect your computers against boot-level rootkits. According to Lenovo, the flaw was not in their unique version of the UEFI but rather in an implementation provided to the company. As a precaution, Lenovo has stated that they are now working with various companies to rule out any additional issues in the BIOS code provided to the company.