Lenovo Warns Users To Upgrade Pre-Installed Tool With Severe Security Holes

0
584

Long-time Slashdot reader itwbennett writes: Lenovo is advising users to upgrade to version 3.3.003 of Lenovo Solution Center (LSC), which includes fixes for two high-severity vulnerabilities in the tool. [The tool] allows users to check their system’s virus and firewall status, update their Lenovo software, perform backups, check battery health, get registration and warranty information and run hardware tests. The CVE-2016-5249 vulnerability allows an attacker who already has control of a limited account on a PC to execute malicious code via the privileged LocalSystem account. And the CVE-2016-5248 vulnerability allows any local user to send a command to LSC.Services.SystemService in order to kill any other process on the system, privileged or not. Read more of this story at Slashdot.

View original post here:
Lenovo Warns Users To Upgrade Pre-Installed Tool With Severe Security Holes

LEAVE A REPLY

Please enter your comment!
Please enter your name here

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.