Jump to content


Photo

Lenovo BIOS/UEFI vulnerability - Updates


  • Please log in to reply
No replies to this topic

#1 Chachazz

Chachazz

    Is GSF inventory

  • General Admin
  • 36,453 posts

Posted 11 May 2018 - 08:31 PM

Lenovo internal testing discovered some System x server BIOS/UEFI versions that, when Secure Boot mode is enabled by a system administrator, do not properly authenticate signed code before booting it. As a result, an attacker with physical access to the system could boot unsigned code.

 

Apply the BIOS/UEFI update appropriate for your model described in the product impact section below. If you are relying on Secure Boot, you may want to control physical access to systems prior to applying the updates.

 

List of Bios versions affected:

https://support.leno...tions/len-20241