- Jun 9, 2013
- 6,720
In the wake of Duo Security’s report on the critical vulnerabilities sported by Original Equipment Manufacturer (OEM) updaters loaded on popular laptop and desktop computers, Lenovo has advised users to uninstall its Accelerator Application.
“The vulnerability (CVE-2016-3944) resides within the update mechanism where a Lenovo server is queried to identify if application updates are available,” the company explained.
The flaw can be exploited by an attacker with local network access to perform remote code execution and take over control of the machine.
The Accelerator Application is apparently used to speed up the launch of the company’s applications, and is present on some Lenovo consumer notebook and desktop systems preloaded with Windows 10, but not on ThinkPad or ThinkStation devices.
Full Article. Lenovo tells users to uninstall vulnerable Accelerator app - Help Net Security
“The vulnerability (CVE-2016-3944) resides within the update mechanism where a Lenovo server is queried to identify if application updates are available,” the company explained.
The flaw can be exploited by an attacker with local network access to perform remote code execution and take over control of the machine.
The Accelerator Application is apparently used to speed up the launch of the company’s applications, and is present on some Lenovo consumer notebook and desktop systems preloaded with Windows 10, but not on ThinkPad or ThinkStation devices.
Full Article. Lenovo tells users to uninstall vulnerable Accelerator app - Help Net Security
