Lenovo PCs installed custom software even if you wiped them (updated)
by Jon Fingas | @jonfingas | 5 Hours Ago
Samsung isn't the only Windows PC maker to have hijacked Windows' update process as of late. Users have noticed that some Lenovo PCs running Windows 7 and 8 (such as the Yoga 3) had firmware that automatically downloaded and installed Lenovo's own update software on boot, overwriting a Windows system file at the same time. More disconcertingly, this was true even if you wiped the system clean. So long as you were reinstalling a compatible version of Windows in the first place (including Windows 10), those Lenovo apps would inevitably return.
The only reason it's not an ongoing issue is that Lenovo just recently released an optional patch that removes the offending code. Why? As you might have guessed, forcing a PC to download programs on boot introduces a massive security risk -- attackers can spoof the server and install malware whenever you restart your computer. That's more than a little disconcerting, especially if you thought that Lenovo had already removed vulnerable software from your system.
Lenovo was technically in the clear. It was taking advantage of a little-known feature, the Windows Platform Binary Table, to insert the code. However, Lenovo's approach was largely unadvertised to users and "not consistent" with Microsoft's current security guidelines. You might not have known that Lenovo was loading this software in the first place, let alone that it created a security hole. While it's good to know that there's a fix, the discovery underscores the problems with letting PC vendors override core Windows functions -- in at least some cases, they're creating more problems than they solve.
Update: Lenovo has since released a statement noting that all systems made from June onwards have BIOS firmware that eliminates the vulnerability, and that it's no longer installing Lenovo Service Engine (the problematic software) on PCs. If you have any Think-branded computers, they're already LSE-free.
There should be an automatic disclosure from all PC OEMs of what software they install on these computers and a way to remove them if needed. This is how it should be, not an example of the often disgusting policies mobile OEMs have carried on by not allowing users to uninstall software they do not want or inform them of what exactly their device is running versus do not want to run.
I don't know why these companies think we want their bloatware. This is why I prefer OSX generally.