Lenovo is another company that recently acknowledged that there’s a security vulnerability in its products.
The Fingerprint Manager Software has a weak encryption issue, and it seems that can allow cyber attackers to bypass its protection effortlessly.
A few ThinkPad, ThinkCentre and ThinkStation models are affected
Lenovo discovered that there are a few devices that are at really high risk of being hijacked by cyber hackers. They can break a hardcoded password, and they can eventually gain complete access to the vulnerable system that is affected.
This flaw resides in the Fingerprint Manager Pro builds that were launched before 8.01.87. In order to be able to patch the flaw, you will need to install version 8.01.87 a newer version.
Windows 10 users are safe and sound
There’s also good news. If you are running Windows 10, you will not be exposed to this vulnerability. Only Windows 7, 8 and 8.1 users are at risk for the moment. According to Lenovo, Windows 10 does not require a fingerprint software, and that’s why users of the latest Microsoft OS are protected.
Lenovo stated that the vulnerability had been found in Lenovo Fingerprint Manager Pro and the sensitive information stored by it such as the login credentials and more are apparently encrypted with a weak algorithm. This allows access to all users with local non-administrative access to the system that it’s installed on. The company also explained that on systems that are running Windows 7, 8 and 8.1, users would be able to log into their PCs or to authenticate to configured websites using fingerprint recognition.
The patch for this flaw is only required on systems that are running a version of Windows before Windows 10. Here’s another reason to update!
Speaking of fingerprint issues, check out the troubleshooting guides below to fix the most common ones: