Jump to content
Login new information ×
Login new information

Lenovo Urges Customers To Uninstall This Dangerous Application

steven36

By steven36
in Security & Privacy News

Recommended Posts

steven36

steven36

Posted
Posted

Dozens of its Windows 10 laptops and desktop PCs are affected.

 

MW9ZIOM.png

 

Lenovo LNVGY -2.75% has admitted that its preloaded Accelerator Application software makes customers vulnerable to attack, and has urgently advised them to uninstall it. Dozens of its laptops and desktop PC models are affected, including most of its popular Yoga line.

 

Specifically, as Lenovo said in an advisory notice, the auto-update feature in its Accelerator Application software can be exploited by a “man-in-the-middle attack”—someone could get in between the computer and the server pushing out the updated software, fooling the computer into installing a fake version of the update instead of the genuine article.

 

Such attacks can allow anything from surreptitious malware installation to the insertion of surveillance capabilities, or even the hijacking of PCs.

 

The Lenovo Accelerator Application, which is supposed to make Lenovo’s preinstalled apps run faster, is found on many recent PCs that came with Windows 10, but not ThinkPad or ThinkStation machines.

 

Lenovo is the same manufacturer that preinstalled vulnerable ad-serving software called Superfish on its consumer laptops over a year ago. Then, late last year, it needed to tell customers to uninstall its “Solution Center” software because of a vulnerability.

 

Those episodes dented its reputation, and this latest case of vulnerable “bloatware” won’t help either.

 

The manufacturer was one of many found by researchers at Duo Labs to have preinstalled insecure software on their computers. Duo Labs’ report came out a couple days ago, also pointing fingers at Dell, Asus ASUUY 2.27% , Acer ASIYF 0.00% and Hewlett-Packard HPE 0.55% —in short, every vendor whose machines the researchers tested.

 

“Lenovo recommends customers uninstall Lenovo Accelerator Application by going to the ‘Apps and Features’ application in Windows 10, selecting Lenovo Accelerator Application and clicking on ‘Uninstall’,” Lenovo said in its advisory note—a document worth checking, as it includes a list of all affected models.

 

This article was updated to correct incorrect assertion that Duo Labs is Dutch.

 

US-Cert Advisory

 

 

The Source

Link to comment
Share on other sites
  • Replies 1
  • Views 638
  • Created
  • Last Reply
vibranium

vibranium

Posted
Posted

Uninstall? How about UPDATING it?

 

Finally Lenovo admits it has a rotten fish on its hands.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...