Lenovo removes rootkit from BIOS for several laptop models

Spread the love

Lenovo pulled its own rootkit from the bios of 13 different laptops, such as the Flex, Yoga and IdeaPad models. The kit enabled users on clean Windows installations to receive notifications recommending Lenovo install OneKey software.

The Lenovo bios checked when the laptops started up whether the file C:Windowssystem32autochk.exe was Lenovo’s version or Microsoft’s. If it was Microsoft’s, it was replaced by Lenovo’s. This file then launches some services that use the Internet to recommend users to download Lenovo’s OneKey software and send certain user data to the Chinese company. This was done via an unencrypted connection.

Microsoft approves the use of this technique, according to a document from the Redmond company. However, it states that the functionality is for the automatic installation of software that is essential for the functioning of the device in question. Although Lenovo OneKey is a program that helps users with, for example, a reinstallation of Windows, the software in the strictest sense of the word is not essential for the functioning of the computers.

The rootkit was exposed by Ars Technica forum user ge814, among others, on August 3. That same day, a BIOS update for 13 different laptop models from Lenovo appeared on the website. Another Lenovo user already asked about this on the official forum in April, suggesting that the rootkit has been in the laptops for months, if not from the start. The Next Web also writes that several desktop models from Lenovo have the rootkit on board. would have. The update that Lenovo has published will not be distributed automatically. Users have to download and install it themselves. Lenovo itself states that the update is published because of a vulnerability in the rootkit.

Earlier this year, Lenovo was discredited for including the SuperFish adware on its PCs. Subsequently, the company removed the adware from its systems and promised to deliver “clean and safe PCs” from now on.

You might also like