A critical vulnerability that was recently found in the low-level firmware of Lenovo ThinkPad systems also reportedly exists in products from other vendors, including HP and Gigabyte Technology.
An exploit for the vulnerability was published last week and can be used to execute rogue code in the CPU’s privileged SMM (System Management Mode).
This level of access can then be used to install a stealthy rootkit inside the computer’s Unified Extensible Firmware Interface (UEFI) — the modern BIOS — or to disable Windows security features such as Secure Boot, Virtual Secure Mode and Credential Guard that depend on the firmware being locked down.
To read this article in full or to leave a comment, please click here