Lenovo has waved the white flag on a vulnerable component of its pre-installed software updater and recommends that users uninstall it from more than 110 notebook and desktop models running Windows 10. The decision to have users yank the Lenovo Accelerator Application comes days after a Duo Labs study on bloatware vulnerabilities exposing machines from...

A new vulnerability has been discovered in Lenovo’s much-maligned Lenovo Solution Center (LSC) software. The vulnerability allows attackers with local network access to a PC to execute arbitrary code, said researchers at Trustwave SpiderLabs. The flaw allows an attacker to elevate privileges and is tied to the LSC application’s backend. It opens the door for a malicious attacker...

Lenovo has patched two serious vulnerabilities that hackers could abuse in targeted attacks, or at scale, to easily guess administrator passwords on a compromised device, or elevate privileges to Windows SYSTEM user. The vulnerabilities were patched last Thursday by the manufacturer and details were disclosed Tuesday by researchers at IOActive, who privately reported the flaws...