Bleeping Computer

New Lenovo UEFI firmware updates fix Secure Boot bypass flaws

Lenovo is warning of high-severity BIOS flaws that could let attackers bypass Secure Boot on all-in-one desktops using customized Insyde UEFI firmware. Devices confirmed to be impacted are IdeaCentre ...
CRN

Lenovo Resolves UEFI Firmware Issues That Could Turn Off Secure Boot

The vulnerabilities were introduced when Lenovo inadvertently included an early development driver in the commercial versions of their software. Lenovo has released fixes for high-severity bios ...
Bleeping Computer

Lenovo fixes flaws that can be used to disable UEFI Secure Boot

Lenovo has fixed two high-severity vulnerabilities impacting various ThinkBook, IdeaPad, and Yoga laptop models that could allow an attacker to deactivate UEFI Secure Boot. UEFI Secure Boot is a ...
heise online

Security updates: UEFI security vulnerabilities jeopardize Lenovo All-in-One PCs

Due to several UEFI vulnerabilities, attackers can attack certain Lenovo All-in-One PC models from the IdeaCentre and Yoga series. In the worst case, they can bypass security mechanisms and completely ...
ZDNet

Lenovo patches UEFI firmware vulnerabilities impacting millions of users

Lenovo has patched a trio of bugs that could be abused to perform UEFI attacks. A roundup of the best software and apps for Windows and Mac computers, as well as iOS and Android devices, to keep ...
Ars Technica

Lenovo driver goof poses security risk for users of 25 notebook models

More than two dozen Lenovo notebook models are vulnerable to malicious hacks that disable the UEFI secure-boot process and then run unsigned UEFI apps or load bootloaders that permanently backdoor a ...