You know, it is quite a bummer to know that your computer or smartphones comes with bloatware – basically, software that you do not want, nor need, right out of the box, and you would need to do the tedious work of uninstalling those. Well, it seems that Lenovo did get into quite a spot earlier this year with its Superfish adware that posed as a software which opened up the possibility of steal personal data, and now we are hit with news of yet another security loophole.
The culprit in question this time around would be known as the “Lenovo Service Engine”, where it downloads and installs what Lenovo claims to be “optimization software” automatically, with the alleged claims of helping your computer run in a smoother manner.
Apparently, the Lenovo Service Engine will still be there even if your machine is wiped clean. Should a machine run on Windows 7 or Windows 8, the BIOS of the laptop will search out “autochk.exe,” before overwriting the file with its own on every boot. LSE has also been discovered to collect user data, before sending it out to a Lenovo server. Lenovo claims that this is harmless as no personable identifiable information has been collected by the program, and thankfully, the rootkit can be removed via a manually downloaded patch. The list of affected Lenovo machines can be found here.
Filed in . Read more about Lenovo. Source: neowin.net