When it comes to security, you like to think that your computers are at least the little bit safe from people who might want to cause you harm. We are reminded on a weekly basis that this may not be true as companies are hacked, accounts are sold online and software is hacked. The latest of these is a breach that sees Lenovo’s ThinkPads suffering from a zero-day firmware issue that could leave the laptops exposed to all kinds of security risks.
The zero-day exploit is courtesy of a privilege escalation flaw found within the Unified Extensible Firmware Interface (UEFI) driver. The exploit, titled ThinkPwn, was published by researcher Dmytro Oleksiuk and would allow hackers to execute code as if they were part of the System Management Mode (SMM). The SMM is typically reserved as a privileged operating mode for the CPU.
The flaw could be used to disable features such as Secure Boot, something that helps protect your computers against boot-level rootkits. According to Lenovo, the flaw was not in their unique version of the UEFI but rather in an implementation provided to the company. As a precaution, Lenovo has stated that they are now working with various companies to rule out any additional issues in the BIOS code provided to the company.
According to a new report, the GeForce RTX 5090 GPU will be very expensive. It…
A new AMD processor in the form of an engineering model has been leaked in…
SK Hynix has claimed to be the first company to mass-produce 321-layer NAND memory chips.…
SOUNDS GREAT – Full stereo sound (12W peak power) gives your setup a booming audio…
Special Edition Yoshi design Ergonomic controller shape with Nintendo Switch button layout Detachable 10ft (3m)…
Fluid Motion: These flight rudder pedals are smooth and accurate that enable precise control over…