Lenovo updated the firmware of 25 laptops, including ThinkPads, Yoga Slims and IdeaPads, to fix a vulnerability that would allow attackers to disable UEFI Secure Boot and then install malicious firmware to plant a permanent backdoor. UEFI is located on the flash memory chip of the motherboard. It is the first link in the security chain. It is difficult to detect and remove when it is infected with malicious code. It will still exist after the system is reinstalled again and again. Researchers from security firm ESET reported three vulnerabilities CVE-2022-3430, CVE-2022-3431 and CVE-2022-3432.
This article is reprinted from: https://www.solidot.org/story?sid=73329
This site is for inclusion only, and the copyright belongs to the original author.