Hidden Lenovo flaws let hackers install undetectable, permanent malware.

According to security firm Binarly, Lenovo all-in-one PCs have six flaws in a hidden firmware mode that runs before the operating system and survives reinstalling the software. Four of these vulnerabilities could allow attackers to seize full control of the machine, while the remaining two may expose data or slip past security checks. Lenovo confirmed the issues in June and has released firmware updates and mitigation instructions. Users are advised to apply these patches promptly to secure their devices.

Read more:

https://www.securityweek.com/lenovo-firmware-vulnerabilities-allow-persistent-implant-deployment/