Serious security holes found in Lenovo's finger sensor program
Serious security holes found in Lenovo's finger sensor program
Share onThese PCs may be affected.
Lenovo warns that a serious vulnerability has been found in the fingerprint reader software on several of the company's PCs. The software in question is Lenovo Fingerprint Manager Pro.
These PCs may be affected.
Lenovo warns that a serious vulnerability has been found in the fingerprint reader software on several of the company's PCs. The software in question is Lenovo Fingerprint Manager Pro.
Ask users to update
This application is used for authentication when logging on to Windows, but also on sites, it is configured for. Lenovo writes that sensitive information is stored in the software with a weak encryption algorithm and contains hard-coded passwords and access for accounts that do not have administrator privileges.
Lenovo confirms that the software does not adequately protect the stored details and encourages users to update to the latest version 8.01.87 software that seals the security hole. The vulnerability affects Windows 7, 8 and 8.1, but not Windows 10 because the operating system has built-in support - Windows Hello - for finger sensors.
Several of Lenovo's PCs may contain vulnerability and apply so far to the company's business systems in the ThinkPad, ThinkCentre, and ThinkStation series:
- ThinkPad L560
- ThinkPad P40 Yoga, P50s
- ThinkPad T440, T440p, T440s, T450, T450s, T460, T540p, T550, T560
- ThinkPad W540, W541, W550s
- ThinkPad X1 Carbon (Type 20A7, 20A8), X1 Carbon (Type 20BS, 20BT)
- ThinkPad X240, X240s, X250, X260
- ThinkPad Yoga 14 (20FY), Yoga 460
- ThinkCentre M73, M73z, M78, M79, M83, M93, M93p, M93z
- ThinkStation E32, P300, P500, P700, P900