Lenovo Rootkits

Lenovo is getting back to rootkits again

The Chinese corporation is back again to install unwanted software, this time acting at the firmware level, resistant to any attempt to format and reinstall Windows. Lenovo has already replied.

After the scandal, the controversy and reputational damage resulting from the pre-installation of Superfish , Lenovo seems to have lost the habit to install unwanted software, classified as bloatware within its PCs both desktops and laptops. The culprit this time It is called “Lenovo Service Engine” (LSE), an integrated feature within the BIOS – obviously in UEFI standard – Systems recently sold and based on an implementation of custom technology “official” Microsoft called “Windows Platform Binary Table “(WPBT). WPBT The technology is designed to ensure the mandatory installation of software importance of “critical” even if you reinstall the operating system, Microsoft said , with binary files (Windows native applications to be run in user mode ) stored within the UEFI firmware and reinstalled on the system being started even before the execution of the boot loader of the hard disk.

LSE exploits the persistence mechanism of WPBT to install a tool called “OneKey Optimizer” (OKO), from most parts branded as a real crapware that claims to “optimize” your PC while sending data to remote servers using the system of Lenovo. A rootkit, have called users, which is more affected by a vulnerability security discovered and notified to Lenovo already months ago. The crapware UEFI Lenovo does not meet the specifications established by Microsoft with WPBT, and not surprisingly the corporation has already distributed an update to the firmware for the removal of LSE PCs affected: the Thinkpad laptop line are not affected by the problem, it is keen to stress the company. What is certain, after the discovery of the rootkit installed on UEFI firmware and technology-based “official” Microsoft for the persistence of binary files on Windows OS, is spreading among users more informed, of the absolute lack of confidence in corporate information out of sight: the PC (brand) are now at outside the control of their owners, a finding of a fact that makes it seem a lot less “crazy” the warnings of Richard Stallman on the end of personal computing as we know it.

Leave a Reply

Your email address will not be published. Required fields are marked *