檔案狀態:    住戶編號:2321069
 ac 的日記本
快速選單
到我的日記本
看他的最新日記
加入我的收藏
瀏覽我的收藏
邁阿密 連輸三場 面臨淘汰 《前一篇 回她的日記本 後一篇》 今年母親節的大餐
 切換閱讀模式  回應  給他日記貼紙   給他愛的鼓勵  檢舉
篇名: 警告: 聯想電腦危險!
作者: ac 日期: 2016.05.07  天氣:  心情:
英國媒體報導,聯想集團有限公司(英語:Lenovo Group Ltd.;港交所:0992;OTCBB:LNVGY)在其電腦產品預裝軟件漏洞纏身,幾乎所有的聯想電腦產品允許惡意軟件運行,是安全風險。

Flaw-ridden bloatware puts nearly every Lenovo PC at risk from hackers

A security flaw in software that s preinstalled on millions of Lenovo devices lets malware run at the system-level.

By Zack Whittaker for Zero Day | May 6, 2016 -- 13:56 GMT (06:56 PDT) | Topic: Security

A serious security vulnerability has been discovered in software that s installed on almost every Lenovo notebook, tablet, and PC -- potentially affecting millions of users.

The affected Lenovo Security Center software allows users to see the overall health of their device, from hardware and software status, network connections, and installed security features.

But security researchers have found a way to raise the privileges of the software, which could let an attacker gain access to the whole system, according to a soon-to-be-released blog post by security firm Trustwave.

In other words, a hacker can run malware at a system-wide level -- even if the app doesn t appear to be running.

The good news is that Lenovo quickly patched the software after details of the vulnerability were privately disclosed.

The computer giant rolled out the new software last week, which will automatically ask users to install when they next open the software.

The software, often called "bloatware," comes installed as standard on ThinkPads, ThinkPad tablets, ThinkCenter and ThinkStation, IdeaCenter and some IdeaPads, running Windows 7 and later.

But this often-unwanted software -- also known as "crapware" -- remains a major issue in PC and mobile circles, particularly because it s known to put system security at risk.

Case in point, it s the third problem that Lenovo has been forced to address in relation to using preinstalled software in the past two years.

A security researcher discovered a trifecta of security flaws, affecting software that s preinstalled on laptops made by Toshiba, Dell, and Lenovo.

The flaw similarly would have allowed an attacker to run malware at the system level, regardless of what kind of user is logged in. A user would have to be tricked into opening a specially-crafted web page, such as through a drive-by download or a link in an email.

Lenovo was also caught up in the "Superfish" adware scandal last year. The company later promised to stop bundling preinstalled bloatware on the computers and devices it sells.


http://www.zdnet.com/article/flaw-ridden-bloatware-put-nearly-every-lenovo-pc-at-risk-from-hackers/
標籤:
瀏覽次數:381    人氣指數:3181    累積鼓勵:140
 切換閱讀模式  回應  給他日記貼紙   給他愛的鼓勵 檢舉
給本文愛的鼓勵:  最新愛的鼓勵
邁阿密 連輸三場 面臨淘汰 《前一篇 回她的日記本 後一篇》 今年母親節的大餐
 
給我們一個讚!