Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Lenovo Accelerator Application contains a bug that allows remote hack of your PC

A study of Duo Security revealed that Lenovo Accelerator Application support tool contains a high-risk flaw that allows remote code execution. Once again bad news for Lenovo users, the company is informing them that the Lenovo Accelerator Application contains a high-risk vulnerability that could be exploited by hackers to remotely execute code on the machine and […]

Lenovo

A study of Duo Security revealed that Lenovo Accelerator Application support tool contains a high-risk flaw that allows remote code execution.

Once again bad news for Lenovo users, the company is informing them that the Lenovo Accelerator Application contains a high-risk vulnerability that could be exploited by hackers to remotely execute code on the machine and take over it.

The Lenovo Accelerator Application is an application preloaded on Lenovo computers that the vendor suggests removing due to the presence of the flaw.

The Lenovo Accelerator Application was designed by Lenovo to speed up the launch of its applications.

The flaw was reported by security experts from the Duo Security firm that assessed OEM software update tools from five PC manufacturers, Acer, ASUSTeK Computer, Lenovo, Dell and HP .

The analysis, titled “Out-of-Box Exploitation – A Security Analysis of OEM Updaters” revealed that all of them had at least one serious flaw that could be exploited by hackers to compromise the system.

Researchers at Duo Security discovered that the flaw resides in the update component of the Lenovo Accelerator Application, so called LiveAgent. The LiveAgent does not use encrypted connections when contact and download the updates from the company servers. Another issue highlighted by the researchers is that LiveAgent does not validate the authenticity of the updates through digital signatures of the binaries.

Lenovo Accelerator Application flaw

 

An attacker can exploit the lack of encryption for communications to launch a MiTM attack and serve to the LiveAgent malicious files instead the legitimate updates.

The lack of signature validation is one of the most common problems discovered during the study.

“Lenovo recommends customers uninstall Lenovo Accelerator Application by going to the ‘Apps and Features’ application in Windows 10, selecting Lenovo Accelerator Application and clicking on ‘Uninstall’,” states a security advisory issued by Lenovo.

Lenovo will release as soon as possible a System Update removal utility soon order to solve the issue.

Unfortunately, the study demonstrates that is it quite common to discover serious security issues in the support tools and third-party applications preloaded by vendors in their PCs.

If you appreciate my effort in spreading cyber security awareness, please vote for Security Affairs as best European Security Blog. Vote SecurityAffairs in every section it is reported. I’m one of the finalists and I want to demonstrate that the Security Affairs community a great reality.

https://www.surveymonkey.com/r/secbloggerwards2016

Thank you

Pierluigi

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Lenovo Accelerator Application, hacking)