Lenovo, the world’s largest PC maker by shipments, is instructing users on how to uninstall its own software after a vulnerability was discovered.
The warning, which is posted on Lenovo’s Support pages, reads as follows (emphasis ours):
Lenovo was recently alerted by a cyber-security threat intelligence partner and US-CERT to a vulnerability report concerning its Lenovo Solution Center (LSC) application. We are urgently assessing the vulnerability report and will provide an update and applicable fixes as rapidly as possible. To remove the potential risk posed by this vulnerability, users can uninstall the Lenovo Solution Center application using the add / remove programs function.
The US-CERT Vulnerability report states that: “The Lenovo Solution Center application contains multiple vulnerabilities that can allow an attacker to execute arbitrary code with SYSTEM privileges.”
This is not good news.
Lenovo was previously caught up in the “Superfish” scandal. Its PCs came preinstalled with software that served up intrusive and unwanted adverts on websites like Google.
Lenovo also bought Motorola Mobility, the smartphone company, for $2.9 billion (£1.9 billion) from Google. The costs of the purchase mixed with poor smartphone sales forced the company into a $750 million (£500 million) loss in Q3 2015.
Business Insider Emails & Alerts
Site highlights each day to your inbox.