The Hacker News Logo
Subscribe to Newsletter

The Hacker News — Cyber Security and Hacking News Website: lenovo laptops

Hard-coded Password Lets Attackers Bypass Lenovo's Fingerprint Scanner

Hard-coded Password Lets Attackers Bypass Lenovo's Fingerprint Scanner

January 29, 2018Wang Wei
Lenovo has recently rolled out security patches for a severe vulnerability in its Fingerprint Manager Pro software that could allow leak sensitive data stored by the users. Fingerprint Manager Pro is a utility for Microsoft Windows 7, 8 and 8.1 operating systems that allows users to log into their fingerprint-enabled Lenovo PCs using their fingers. The software could also be configured to store website credentials and authenticate site via fingerprint. In addition to fingerprint data, the software also stores users sensitive information like their Windows login credentials—all of which are encrypted using a weak cryptography algorithm. According to the company, Fingerprint Manager Pro version 8.01.86 and earlier contains a hard-coded password vulnerability, identified as CVE-2017-3762 , that made the software accessible to all users with local non-administrative access. "Sensitive data stored by Lenovo Fingerprint Manager Pro, including users’ Windows logon credentials
Warning — You Can't Install Linux On Microsoft Signature Edition PCs from Lenovo

Warning — You Can't Install Linux On Microsoft Signature Edition PCs from Lenovo

September 21, 2016Mohit Kumar
In past few months, Microsoft opened the source code of a lot of its projects, convincing people that the company loves Linux . But a new report shows that Microsoft is not really a big supporter of Linux. Microsoft has banned Linux on some Windows 10 powered Signature Edition PCs, which provides the cleanest Windows experience on the market. Signature Edition PCs are different from other systems because it is carefully and meticulously configured by Microsoft to run Windows 10 with no bloatware, paid promotional web shortcuts, or other pre-installed apps, for providing better performance. But besides bloatware and other pre-installed apps, Microsoft won't allow you to install Linux (or any operating system) on it. This news is not a rumor as a Reddit user BaronHK reported that he found it impossible to install Linux on the Signature Edition Lenovo Yoga 900 ISK2 UltraBook because Microsoft has locked the SSD in a proprietary RAID mode that can only be read by Window
Lenovo Caught (3rd Time) Pre-Installing Spyware on its Laptops

Lenovo Caught (3rd Time) Pre-Installing Spyware on its Laptops

September 25, 2015Swati Khandelwal
Lenovo has once again been caught installing spyware on its laptops and workstations without the user's permission or knowledge. One of the most popular computer manufacturers is being criticized for selling some refurbished laptop models pre-installed with invasive marketing software that sends users data directly to the company. This is not first time Lenovo has allegedly installed spyware onto consumers PCs. Earlier this year, Lenovo was caught red-handed for selling laptops pre-installed with Superfish malware that opened up doors for hackers. In August, Lenovo again got caught installing unwanted and non-removable crapware into part of the BIOS reserved for custom drivers. Lenovo Laptops comes Pre-installed with 'Spyware' Now, the Chinese computer manufacturer is making news once again for embedding tracking software into its laptops and workstations from Lenovo ThinkPad, ThinkCentre, and ThinkStation series. Michael Horowitz from Comput
Lenovo Caught Using Rootkit to Secretly Install Unremovable Software

Lenovo Caught Using Rootkit to Secretly Install Unremovable Software

August 13, 2015Swati Khandelwal
Two years ago Chinese firm Lenovo got banned from supplying equipment for networks of the intelligence and defense services various countries due to hacking and spying concerns. Earlier this year, Lenovo was caught red-handed for selling laptops pre-installed with Superfish malware . One of the most popular Chinese computer manufacturers ‘Lenovo’ has been caught once again using a hidden Windows feature to preinstall unwanted and unremovable rootkit software on certain Lenovo laptop and desktop systems it sells. The feature is known as " Lenovo Service Engine " (LSE) – a piece of code presents into the firmware on the computer's motherboard.  If Windows is installed, the LSE automatically downloads and installs Lenovo's own software during boot time before the Microsoft operating system is launched, overwriting Windows operating system files. More worrisome part of the feature is that it injects software that updates drivers, firmware, and oth
Exclusive Deals

Get Daily News Updates By Email

Join over 350,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.