back to article Lenovo slings privilege patches at in-built tools

IOActive security bod Sofiane Talmat has found two since-patched privilege escalation vulnerabilities in Lenovo System Update utility. The tool keeps drivers and BIOS up to date. Talmat found the tool's help function contains a vulnerability (CVE-2015-8109) that can allow regular users to gain administrative access. "Since …

  1. Voland's right hand Silver badge

    Hardware vendor doing software

    Hardware vendor, trying to do software. Nothing to see here, move along.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like