Ars Technica

Lenovo patches secure boot vulnerabilities that imperil 25 notebook models

Hmmm, I'll probably get mass-downvoted for this opinion… but maybe UEFI is trying to do too much? Boot firmware is one of these things you leave well alone unless you really have an egregious problem ...
Ars Technica

Lenovo driver goof poses security risk for users of 25 notebook models

More than two dozen Lenovo notebook models are vulnerable to malicious hacks that disable the UEFI secure-boot process and then run unsigned UEFI apps or load bootloaders that permanently backdoor a ...
Bleeping Computer

Lenovo fixes flaws that can be used to disable UEFI Secure Boot

Lenovo has fixed two high-severity vulnerabilities impacting various ThinkBook, IdeaPad, and Yoga laptop models that could allow an attacker to deactivate UEFI Secure Boot. UEFI Secure Boot is a ...
CRN

Lenovo Resolves UEFI Firmware Issues That Could Turn Off Secure Boot

The vulnerabilities were introduced when Lenovo inadvertently included an early development driver in the commercial versions of their software. Lenovo has released fixes for high-severity bios ...
Bleeping Computer

Lenovo UEFI firmware driver bugs affect over 100 laptop models

Lenovo has published a security advisory on vulnerabilities that impact its Unified Extensible Firmware Interface (UEFI) loaded on at least 100 of its laptop models. A total of three security issues ...
heise online

Security updates: UEFI security vulnerabilities jeopardize Lenovo All-in-One PCs

Due to several UEFI vulnerabilities, attackers can attack certain Lenovo All-in-One PC models from the IdeaCentre and Yoga series. In the worst case, they can bypass security mechanisms and completely ...