Security researcher Dmytro Oleksiuk claims to have found a critical security flaw in Thinkpads that could allow hackers to dodge the basic security protocols for Windows devices. The flaw allows random System Management Mode (SMM) code execution.
Accordint to Oleksiuk, “Running of arbitrary System Management Mode code allows attacker to disable flash write protection and infect platform firmware, disable Secure Boot, bypass Virtual Secure Mode (Credential Guard, etc.) on Windows 10 Enterprise and do other evil things”
The flawed firmware driver is said to have come from intel. Oleksiuk believes that Lenovo’s ThinkPad series are not the only ones affected but other Windows powered devices from other OEMS that use the same vulnerable code from intel.
Lenovo’s attempt to converse with Oleksiuk before he made the vulnerability public failed, the company said. The company has now engaged all of its independent BIOS vendors as well as intel to identify and handle any other instance of vulnerability in the BIOS provided to Lenovo by other IBVs.