The Chinese PC manufacturer, Lenovo is yet again caught under the security scanners for vulnerabilities in its BIOS. A security researcher Dmytro Oleksiuk who also goes by the name Cr4sh has discovered the erring code that escalates the vulnerability of 0day privileges of Lenovo’s BIOS.
The UEFI bug exposes Lenovo PCs to an arbitrary System Management Mode(SMM) code execution making its basic Windows security protocols rather useless. The bug uses the flash write protection and can thus let users disable the UEFI Secure Boot, the Virtual Secure Mode and Credential Guard on Windows Powered Lenovo PCs. These are only the discovered threats, we can expect more to come as the news breaks.
ThinkPad Series laptops are named as most vulnerable with the bug present in older X220s model. The same BIOS vulnerability was discovered way back in 2010 in some HP laptops as well and it seems that Lenovo has just copied and pasted the faulty firmware update. However, according to Cr4sh, Intel had identified and resolved the firmware vulnerability way back in 2014 but this leads to another question as to how it is resurfacing again in the Lenovo PCs. Speculations are that it has been done to give FBI a secret doorway to snoop around in your PCs, although this seems too far fetched.
Responding to the same, Lenovo issued a statement in its blog, “Lenovo is committed to the security of its products and is working with its IBVs and Intel to develop a fix that eliminates this vulnerability as rapidly as possible.”
That means they are aware of the BIOS vulnerability in the SMM code of their products and are also trying to collaborate with Cr4sh on resolving the same.
@d_olex Yep, found SmmRuntimeManagementCallback() function in HP dv7 4087cl (from ~2010, HM55) with Insyde EFI pic.twitter.com/M5jrsrAO8d
— Alex James (@al3xtjames) 2 July 2016
Their blog also gives the impression that they are trying to pin this debacle down on Intel (the original chip code manufacturer), and at the same time they are tracking down the original code author and the purpose behind this secret error in the BIOS of the ThinkPad Series.
Cr4sh has provided the details as how to identify whether your PC is vulnerable to the security crashes or not. Check it here on Github. Stay tuned for more tech-related news and updates and do leave your valuable comments below.