NOVEMBER 10, 2022
Lenovo has released updates addressing vulnerabilities detected in the UEFI firmware component affecting Yoga, IdeaPad, and ThinkBook devices. UEFI is the software that acts as an interface between the operating system and the firmware embedded in the device’s hardware, and it is responsible for starting the operating system when a device is powered on. UEFI is therefore a highly attractive attack surface for threat actors who want to deploy malware that is hard to detect and remove.
Here are the details of the vulnerabilities that could be used by threat actors to disable Secure Boot, a security mechanism designed to prevent malicious programs from loading during the boot process:
After the vulnerabilities were detected by an ESET security researcher, Lenovo announced that it had taken action to fix them. However, Lenovo has stated that it does not plan to release a fix for CVE-2022-3432, as the affected model has reached end of life (EoL). Users of the other affected devices are therefore advised to update their firmware to the latest version to avoid being targeted by attacks that exploit these vulnerabilities.