Lenovo Updates Remote Code Execution - Lenovo Support US

Lenovo Security Advisory: LEN-8313

Potential Impact: Remote code execution

Severity: High

**Scope of Impact:**Lenovo-specific

**CVE Identifier:**CVE-2016-8237

Summary Description:

During an internal investigation, a remote code execution vulnerability was discovered in Lenovo Updates (not Lenovo System Update). This could allow an attacker who is actively intercepting traffic between the user and the download site to intercept and maliciously alter update files being downloaded through the program and run those files with system level privileges.

Lenovo Updates is a program preloaded on some Lenovo and Idea brand notebook systems running Windows 7, Windows 8 and Windows 8.1 that installed updates to drivers, system BIOS, firmware and applications.

Mitigation Strategy for Customers (what you should do to protect yourself):

Lenovo Updates is no longer supported and Lenovo recommends customers uninstall this program. Lenovo System Update is still supported and not affected by this vulnerability.

This can be done either by uninstalling Lenovo Update through Windows’ “Programs and Features” or “Add/Remove Program” utility. Lenovo has also released an uninstallation utility for Lenovo Update and users can download this by following one of the links below and following the instructions in the readme file:

Lenovo Updates Disable Utility for Windows 7 (64-bit) - Lenovo E10-30

<https://pcsupport.lenovo.com/us/en/downloads/DS121170&gt;

Lenovo Updates Disable Utility for Windows 7 (64-bit), Windows 8.1 (64-bit) - Notebook

<https://pcsupport.lenovo.com/us/en/downloads/DS121171&gt;

Lenovo Updates Disable Utility for Windows 8.1 (64-bit) - Notebook

<https://pcsupport.lenovo.com/us/en/downloads/DS121179&gt;