Lenovo Patches Serious Flaw In Pre-Installed Support Tool

Reader itwbennett writes: Lenovo has made available a patch for the vulnerability in its Lenovo Solution Center, a support tool which comes pre-installed on many Lenovo laptops and desktops. The vulnerability could allow attackers to execute code with system privileges and take over computers. Users should automatically be prompted to update LSC when they open the application, but in case they aren't, they should download the latest version (3.3.002) manually from Lenovo's website. This is not the first time such a vulnerability has been found and fixed in LSC. In fact, Lenovo updated an old advisory for flaws reported in December with information about the new vulnerability, making it somewhat hard to spot.

Here is an idea

Don't install anything other than the Operation System.

Thank you!

Re:Uninstall those helper tools!

[plover]

I have purchased a couple of well-equipped Lenovo laptops, and it's amazing just how awful their shovelware makes those big honkin' machines perform. I may not know what all that software is doing, but I do know they soak up CPU cycles like it's their last day on earth. Then I make sure it is their last day on earth.

The most frustrating thing about it is that when you pay that much for a higher-end computer, they feel they still have the right to shovel all that shitware onto your box so they can squeeze another lousy $20 bounty out of the sale. They're paying for it, though - I've been recommending friends and family avoid Lenovo, and so far they've lost thousands of dollars worth of our business. Enjoy your $20, Lenovo. Buy yourselves a couple of beers, then go beat up your finance guy who thinks that shovelware is a smart business plan.