Secure BIOS/UEFI Set-up Incomplete in Lenovo E95 and ThinkCentre M710s/M710t - us

2017-10-24T00:00:00
ID LENOVO:PS500145-NOSID
Type lenovo
Reporter Lenovo
Modified 2017-10-24T00:00:00

Description

Lenovo Security Advisory: LEN-17417

Potential Impact: Unauthorized bootloader allowed to run during system boot, reducing protection against rootkits

Severity: Medium

Scope of Impact: Lenovo-specific

CVE Identifier: CVE-2017-3771

Summary Description:

System boot process is not adequately secured because systems were shipped from factory without completing BIOS/UEFI initialization process.

Mitigation Strategy for Customers (what you should do to protect yourself):

Upgrade BIOS/UEFI to version M16KT40A or later. Refer to the Product Impact section below and download the appropriate upgrade package for your model.

Users who want to remain on an older BIOS/UEFI version may complete the initialization process manually by following these steps:

  1. Boot to BIOS/UEFI setup
  2. In the menu select “Security”, then “Secure Boot”
  3. Select “Restore factory keys”
  4. Save changes and exit