One of the first lines of defense against malware is to keep your device updated. Security patches fix bugs and vulnerabilities that hackers use to get into your system, so staying updated is critical.
The Russia-Ukraine conflict has been a hotbed of scams and hacking. Scammers will always take advantage of major events to target new victims. Tap or click here for tips on five things that need an immediate update due to the war in Ukraine.
When the update rolls out over 100 models covering specific brands, it’s time to listen. Lenovo just released a security update covering more than a million laptops vulnerable to malware. Read on to learn how to protect your computer.
This is the backstory
On Monday, Lenovo released information on three BIOS vulnerabilities affecting more than 100 laptop models. The company thanks ESET’s Martin Smolár for reporting the issues.
In a related article, Smolár revealed the first two vulnerabilities discovered by ESET researchers, CVE-2021-3971 and CVE-2021-3972, the affected drivers were meant to be used during manufacturing and then deactivated before shipping. Unfortunately, they are not. Hackers can exploit these flaws to elevate user privileges and run commands and code.
The tech smarts you take every day
Learn technical tips and tricks that only the pros know.
ESET discovered a third vulnerability, CVE-2021-3970potentially allowing an attacker with local access and elevated privileges to execute arbitrary code.
ESET reported the vulnerability to Lenovo on October 11, 2021. Lenovo confirmed the vulnerability on November 17 and issued a security advisory on April 18, 2022.
Wide range of affected models
The list of vulnerable laptops includes laptops from the IdeaPad, Legion, V15, Yoga and other series. Below is a list of the 20 affected models:
- Flex 3-11ADA05 Laptop
- L3-15IML05 Laptop
- L340-15IRH Gaming Laptop
- Legion 5 Pro-16ACH6 Laptop
- Legion 7-16ACHg6 Laptop
- Legion S7-15ACH6 Laptop
- Legion Y540-15IRH Laptop
- Legion Y545 Laptop
- Legion Y7000-2019 Laptop
- Lenovo S14 G2 ITL
- S145-14API Laptop
- S540-13API Laptop
- Slim 7 Pro-14IHU5 Laptop
- Ultra Slim 9-14ITL05 Laptop
- V14 G1-IML Laptop
- V15 G1-IML Laptop
- V17 G2-ITL Laptop
- V340-17IWL Laptop
- Yoga 7-14ACN6 Laptop
- IdeaPad 3-14IGL05 Laptop
Please visit Lenovo’s Security Bulletin for a complete list.
Update your laptop now
Go to pcsupport.lenovo.com/us/en/ and select Test the product Download and install Lenovo Service Bridge to automatically detect your product’s serial number.
you can also choose Browse Products Select your computer from the catalog. After selecting a product, follow the steps below to download and install the update:
- click Drivers and Software on the left menu panel.
- click Manual update Browse by component type.
- choose BIOS/UEFI.
- Find your laptop on the desktop on the Lenovo Security Advisory page. Compare the minimum fix version for your product in the applicable product table below with the latest version posted on the support site.click download icon if the firmware matches the file in the table.
continue reading
It’s time to update Chrome again – steps to get the emergency patch
X
The tech smarts you take every day
Learn technical tips and tricks that only the pros know.
Why you should update your smartphone ASAP
