Lenovo has released patches to fix critical Wi-Fi vulnerabilities

IT | Feb 24, 2018 |

Lenovo informed customers on Friday that two critical Broadcom vulnerabilities (Identified as CVE-2017-11120 and CVE-2017-11121) affect 25 models of its common ThinkPad brand.

The two vulnerabilities were discovered by security researchers from Google Project Zero and first revealed in September 2017, they were only reported to affect specific Broadcom chipsets applied in Apple iPhones, Apple TV and Android devices.

The researcher of Google Project Zero demonstrated that an attacker inside Wi-Fi range could exploit CVE-2017-11120, an out-of-bounds write issue, to perform arbitrary code execution on an affected device.

According to the researcher:
“Upon successful execution of the exploit, a backdoor is inserted into the firmware, allowing remote read/write commands to be issued to the firmware via crafted action frames (thus allowing easy remote control over the Wi-Fi chip),”

The CVE-2017-11121 bug, which is a buffer overflow vulnerability caused by improper validation of Wi-Fi signals. This could lead to remote code execution as well.

Lenovo said last week:
“Broadcom has issued an advisory for certain Broadcom WiFi controllers used by many computer and device makers, which contain buffer overflow vulnerabilities on the adapter (not the system CPU)”

ThinkPad clients are recommended by Lenovo to update their Wi-Fi driver to the latest version.

Source: support.lenovo.com

Keywords: Lenovo, Safety, security holes, patch, wifi, vulnerabilities

Sources: support.lenovo.com


comments powered by Disqus

Page 1 of 355  >  >>

The countdown has started for Windows 7


Jan 17, 2019 | Category: Microsoft | Comments

Microsoft will stop free support by 2020.

It has been known for a long time that the official support for Windows 7 is nearing the end. January 14, 2020, is the date, then Microsoft will no longer provide free support to users of this OS and security updates will stop. You will still be able to use Windows 7, but in many ways, you will be left to yourself, at your own risk.

read more…

You can connect this thin screen to almost anything


Jan 16, 2019 | Category: General | Comments

The Lapscreen is almost a perfect traveling companion.

More and more devices use the USB C standard, and now there is a lot of new enhancement that uses the technology.

read more…

OnePlus 7 image leaked - where in the day is the camera?


Jan 15, 2019 | Category: General | Comments

Frameless and no holes in the screen.

OnePlus 6T has only been a few months in the store shelves, but a picture that has appeared on the web is bouncing up the speculation about the next flagship.

read more…

Page 1 of 355  >  >>