Security updates issued for 100+ laptop models over malware risk - Update now
One of your first lines of defense against malware is to keep your devices updated. Security patches fix bugs and vulnerabilities that hackers use to get into your system, so staying updated is crucial.
The Russia-Ukraine conflict has been a hotbed of scams and hacks. Crooks will always take advantage of significant events to target fresh victims. Tap or click here for tips on five things you need to update now because of the Ukrainian war.
When an update rolls out covering more than 100 models of a particular brand, it’s time to listen. Lenovo just released security updates covering more than a million laptops vulnerable to malware. Keep reading for ways to protect your computer.
Here’s the backstory
On Monday, Lenovo published information on three BIOS vulnerabilities affecting more than 100 laptop models. The company credits Martin Smolár from ESET for reporting these issues.
In a related post, Smolár reveals that the first two vulnerabilities ESET researchers found, CVE-2021-3971 and CVE-2021-3972, affected drivers that were supposed to be used during the manufacturing process then deactivated before being shipped out. Unfortunately, they weren’t. Hackers can take advantage of these flaws to elevate user privileges and run commands and codes.
ESET discovered the third vulnerability, CVE-2021-3970, may allow an attacker with local access and elevated privileges to execute arbitrary code.
ESET reported the vulnerabilities to Lenovo on Oct. 11, 2021. Lenovo confirmed the vulnerabilities on Nov. 17 and published the security advisory on April 18, 2022.
A wide range of affected models
The list of vulnerable laptops includes ones under the IdeaPad, Legion, V15, Yoga and other lines. Here’s a list of 20 affected models:
- Flex 3-11ADA05 Laptop
- L3-15IML05 Laptop
- L340-15IRH Gaming Laptop
- Legion 5 Pro-16ACH6 Laptop
- Legion 7-16ACHg6 Laptop
- Legion S7-15ACH6 Laptop
- Legion Y540-15IRH Laptop
- Legion Y545 Laptop
- Legion Y7000-2019 Laptop
- Lenovo S14 G2 ITL
- S145-14API Laptop
- S540-13API Laptop
- Slim 7 Pro-14IHU5 Laptop
- Slim 9-14ITL05 Laptop
- V14 G1-IML Laptop
- V15 G1-IML Laptop
- V17 G2-ITL Laptop
- V340-17IWL Laptop
- Yoga 7-14ACN6 Laptop
- IdeaPad 3-14IGL05 Laptop
Go to Lenovo’s security advisory for the full list.
Potassium iodide pills are selling like crazy online - Why are people stocking up?
The Russia-Ukraine conflict may seem like something happening far away, but its impact has already reached our shores.
Scammers are quick to take advantage of any world crisis to find new victims. We saw this over the last couple of years during the pandemic and extreme weather events. Tap or click here for our report on Russia-Ukraine War scams and how to avoid falling victim to them.
DuckDuckGo changes its RULES about what you see in search results
Your browser choice can be based on anything from customization options to cosmetic features. The most crucial factor to pay attention to is privacy, however. Some browsers track your web activity and sell it to third parties, while others don’t store any data of you or your searches.
Incoming! 10 Russia-Ukraine war scams hitting your email, phone and social media
The Russia-Ukraine conflict is nearly 6,000 miles from our border, but it’s likely already affecting you here at home.
You probably see a hit to your 401K and financial portfolio. As those go down, gas prices are going up. Tap or click here for simple ways to find the best gas prices in your area.