It should be protected, but the vulnerability in the System Management Interrupt (SMI) handler could mean access to the highly privileged System Management Mode (SMM) of the processor, which has access to normally hardware-protected memory.
#LENOVO DRIVER UPDATE UPDATE#
Right-click on the Lenovo device icon and select update device drivers. Click on devices and then on portable devices. Right-click on my computer and select manage. Click the Finish button when the installation is completed. SPI flash is a memory chip used for platform firmware code, such as UEFI firmware. Follow the steps in the installation wizard.
#LENOVO DRIVER UPDATE HOW TO#
ESET noted that an attacker would require administrative privileges carry out their misdeeds. Most PC and laptop owners know they need to periodically update their operating system software, security programs and so on.However, fewer computer users know how to update their device driversor even why drivers are so valuable. Lenovo deemed the trio to be of "medium" severity.
Commonly, Windows will show an 'Activate Windows' notice in the bottom-right.
Windows may prevent driver updates from being installed if the operating system is not properly licensed, prompting a message like this. Lenovo's advisory describes CVE-2021-3970 as a "potential vulnerability in Lenovo Variable SMI Handler due to insufficient validation in some Lenovo Notebook models may allow an attacker with local access and elevated privileges to execute arbitrary code." Lenovo System Update allows IT administrators to manage updates for BIOS, driver, and apps from a local server. See how convenient it is to update drivers with Bit Driver Updater. Driver Updater uses functions built into Windows to apply the updates after determining what updates are needed and acquiring them. CVE-2021-3970, which ESET researchers uncovered while digging into the other vulnerabilities, is a memory corruption issue, which could lead to deployment of an SPI flash implant.
0 kommentar(er)
