Lenovo fixes two vulnerabilities that could disable UEFI Secure Boot
Software

Lenovo fixes two vulnerabilities that could disable UEFI Secure Boot on its laptops

Lenovo has fixed two dangerous vulnerabilities that could be used by attackers to disable UEFI Secure Boot affecting various models of ThinkBook, IdeaPad and Yoga laptops. UEFI Secure Boot is a verification tool that prevents unsigned and malicious code from running while the computer is booting.

    Image source: Bleeping Computer

Image source: Bleeping Computer

The consequences of executing malicious code before the operating system starts can be very serious, because in this case all protection measures can be bypassed and malicious software can be launched that cannot be removed even by reinstalling the operating system. The problem isn’t due to bugs in the code, but rather Lenovo accidentally making publicly available drivers intended for development.

Availability of these drivers in several serial products from Lenovo discovered ESET experts. They found that it is enough for attackers to create special NVRAM variables to exploit vulnerabilities. Information security specialist Nikolaj Schlej on his Twitter account said in more detail why developers of UEFI firmware should not use NVRAM.

When it comes to the vulnerabilities themselves, we’re talking about CVE-2022-3430 and CVE-2022-3431. The first affects the WMI setup driver in some Lenovo laptops and allows an elevated attacker to change Secure Boot settings by changing the NVRAM variable. The second vulnerability concerns a driver that should not get onto serial devices, and the operation of which, as in the first case, allows you to change Secure Boot settings through NVRAM. There is also a third similar vulnerability, CVE-2022-3432, which only affects IdeaPad Y700-14ISK laptops. Lenovo won’t fix it as support for this model has ended.

For a complete list of Lenovo laptops affected by this issue, see support page companies. Software updates can be found on the Lenovo website or by using the update search tool on user devices.

About the author

Robbie Elmers

Robbie Elmers is a staff writer for Tech News Space, covering software, applications and services.

Add Comment

Click here to post a comment