Lenovo Solution Center new update fixes severe security risks

John White By: John White
2 minute read

Home » Lenovo Solution Center new update fixes severe security risks

The Lenovo Solution Center (LSC) software has always been a problem and it doesn’t appear if the issues will end any time soon: a new vulnerability has been located in the software that can cause security risks.

The vulnerability could allow attackers with local network access to a user’s computer to execute what is known as arbitrary code, according to researchers from Trustwave SpiderLabs. Attackers can use the flaw to elevate certain privileges that are tied to LSC’s backend. This then open the door for hackers to trick LSC into running arbitrary code directly into the local system, according to Karl Sigler, a SpiderLabs researcher at Trustwave.

This could become a major issue for Lenovo seeing as its LSC software is installed on almost every one of its modern computers. The software acts as a dashboard for monitoring system health among other things, so no doubt it will be used by many not aware of the faults.

“By convincing a user who has launched the Lenovo Solution Center to view a specially crafted HTML document [such as] a web page or an HTML email message or attachment, an attacker may be able to execute arbitrary code with SYSTEM privileges,” explained a note from the DHS-sponsored CERT at the Software Engineering Institute at Carnegie Mellon University.

What we are seeing here is the latest flaw in a long list of others that occurred in the past year. It has become custom for one to view LSC software as a security risk similar to that of Java and Flash. If Lenovo fails to rectify the issue, it will likely hurt the company’s bottom line in the future. Lenovo is one of the top PC makers, a title that can go away at any given moment if changes are not put into place.

Luckily, Lenovo released a fix to end the risk of attack from outside sources. It can be downloaded right here from the company’s official website. Bear in mind that only folks using Windows 7, Windows 8, Windows 8.1 and Windows 10 will be eligible to grab the update seeing as LSC is not available for other platforms.

Recently, the company had to release updates to improve its companion apps for Windows 10 in hopes that its many users would stop leaving terrible ratings.

RELATED STORIES YOU NEED TO CHECK OUT:

Discussions

Next up

5 software for organizing your music files to find them quickly

Vladimir Popescu avatar. By: Vladimir Popescu
Less than a 1 minute read

Because we all love listening to our favorite music, it is very important to be able to organize our music library. This task has become […]

Continue Reading

Download Microsoft Surface Diagnostic Toolkit to fix your device

Giles Ensor avatar. By: Giles Ensor
2 minute read

Computer problems are usually not that complicated to fix. The real problem is that most people are not that keen to try and fix them, […]

Continue Reading

Happy broadcasting with these 4 live streaming software for Twitch

Madhuparna Sukul avatar. By: Madhuparna Sukul
Less than a 1 minute read

Live streaming is the hottest trend and a powerful streaming software makes the entire process a lot easier. A streaming software primarily helps you with […]

Continue Reading