A buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code.
Topics Security Off-Prem On-Prem Software Offbeat Vendor Voice Vendor Voice Resources Déjà vu all over again for laptop maker as researchers poke holes in its code
Security researchers have spotted fresh flaws in Lenovo laptops just months after the vendor patched a bunch of its products. The PC maker has now fixed the trio of bugs, which were flagged up by ESET this week. More than 70 models were impacted by this latest issue, including a number of ThinkBook devices. The vulnerabilities reported were buffer overflows in the UEFI firmware. "The vulnerabilities," explained the ESET Research team, "can be exploited to achieve arbitrary code execution in the ...