Skip to content

Davey Winder

delivering award-winning technology journalism since 1991

  • home
  • about me
  • follow me on mastodon
  • privacy policy
  • Toggle search form
Question mark image

Has Lenovo lost the security plot?

Posted on January 28, 2016January 28, 2016 By Davey Winder

Some in the IT security industry are asking just what’s happening at Lenovo, and has it lost the security plot?

Less than a year after Superfish, Lenovo is making the security news once more for all the wrong reasons. Four vulnerabilities were found by Core Security, and thankfully now fixed by Lenovo, impacting some users of Lenovo’s SHAREit app. In the Android version of the app, no password was required to join an ad-hoc Wi-Fi hotspot that it created. And if you thought that was pretty poor on the security front, some ThinkPad and IdeaPad devices opted instead for a hard-coded password of 12345678. This would all be bad enough news for the PC manufacturer, but it gets worse when you realise that in the space of less than a year things have also gone pear-shaped in the form of the Lenovo Service Engine rootkit row and the Lenovo System Update privilege escalation vulnerability row.

Of course, just because a computing giant finds itself at the pointy end of a handful of security scares does not mean there is a culture of insecurity being fostered within the company. Were that the case then the same allegation could be made in the direction of myriad hardware and software vendors. Nonetheless, SCMagazineUK.com contacted Lenovo and put it to them that some might suggest a culture of insecurity exists.

Click here to read complete article

News Tags:Hardware, Lenovo, News, Software, Vulnerability

Post navigation

Previous Post: Research reveals Android device security lacks update inertia
Next Post: Let’s use Data Protection Day to highlight just how bad the Snooper’s Charter is!

Related Articles

New Mass Gmail Rejections To Start April 2024, Google Says Gmail
Big Game Hackers Smash $1 Billion Ransomware Barrier Cybercrime
Yeah, But No, But Yeah: The Strange Tale Of 3 Million Hacked Toothbrushes Hacking
Google To Crack Down Against Spammers To Protect Gmail Users Gmail
New Google Report Warns Of ‘Real And Significant Threat’ To User Privacy Google
iPhone Under Attack: U.S. Government Issues 21 Days To Comply Warning Apple

Categories

Post Archive

Tags

0day Analysis Android Apple Apps breach bug bounty Business Chrome crime Cybercrime Data Protection Encryption Enterprise Google Government Hackers Hacking Health healthcare industry iOS IoT iPhone Malware Microsoft News NHS Opinion passwords Phishing Privacy ransomware Research Russia Samsung threat intelligence Twitter Update Vulnerabilites vulnerabilities Vulnerability Windows Windows 10 zero-day

Copyright © 2025 Davey Winder .

×
Cookies
We serve cookies. If you think that's ok, just click "Accept all". You can also choose what kind of cookies you want by clicking "Settings". Read our cookie policy
Settings Refuse all Accept all
Cookies
Choose what kind of cookies to accept. Your choice will be saved for one year. Read our cookie policy
  • Necessary
    These cookies are not optional. They are needed for the website to function.
  • Statistics
    In order for us to improve the website's functionality and structure, based on how the website is used.
  • Experience
    In order for our website to perform as well as possible during your visit. If you refuse these cookies, some functionality will disappear from the website.
  • Marketing
    By sharing your interests and behavior as you visit our site, you increase the chance of seeing personalized content and offers.
Save Refuse all Accept all
GDPR Cookie Policy