Lenovo Systems Come Pre-Pw0ned
by Jason Murdock
13 Aug 2015
Lenovo has backtracked over the use a little known Windows BIOS trick that installs persistent software on the firm’s systems without the consent of the user, even if they wiped their entire operating system to try and remove it.
The company has released patches to remove the software from a raft of its devices as the feature left systems open to attack and was “not consistent” with new guidelines put forward by Microsoft.
The tool in question was called Lenovo Search Engine (LSE) and it downloaded a program called One Key Optimiser used for “enhancing PC performance by updating firmware, drivers and pre-installed apps”.
It took advantage of a feature in Windows called Windows Platform Binary Table (WPBT) that is intended to ensure “critical software” crucial to running Windows remains in place, even after the operating system has been wiped.