UEFI security threat Lenovo Laptops/Netbooks.

[kc1di]

This article may be of interest to those of us using Lenovo Laptops or Netbooks.

Lenovo driver goof poses security risk for users of 25 notebook models

Hackers can exploit vulnerabilities to install malicious firmware that survives reboots.

arstechnica.com

My conclusion is if your using Linux on one of these machines. Do not install it in UEFI mode thinking it's more secure.. It is NOT!

 

[osprey]

Thanks kc1di for that link. At least, it seems, the intruder has to have root access or "elevated privileges" to run the hacks. "Don’t take the name of root in vain," as the kernel docs declare.

 

[KGIII]

It looks like they're doing the right thing, issuing patches - except for with one device, as that device is no longer supported.