31 点作者 DMell超过 2 年前

4 条评论

> may allow an attacker with local access and elevated privileges to execute arbitrary code<p>What are "elevated privileges"? If I lose my laptop and it's locked, can someone execute arbitrary code with this?

评论 #32884044 未加载

zinekeller超过 2 年前

Reading from Lenovo's advisory, it's not just Lenovo that is affected, but everyone who uses the reference UEFI implementation Tianocore is affected (and as far as I know AMI and Insyde also used parts of Tianocore but I can't say if they copied the affected part)

seltzered_超过 2 年前

Article is based on <a href="https://www.bleepingcomputer.com/news/security/new-lenovo-bios-updates-fix-security-bugs-in-hundreds-of-models/" rel="nofollow">https://www.bleepingcomputer.com/news/security/new-lenovo-bi...</a>

评论 #32883388 未加载

eimrine超过 2 年前

May I see the full list of vulnerable devices? I have several of those.

评论 #32887663 未加载

Lenovo issues emergency security patch for hundreds of models

4 条评论

Lenovo issues emergency security patch for hundreds of models

4 条评论