Lenovo Security Advisory: LEN-17417
Potential Impact: Unauthorized bootloader allowed to run during system boot, reducing protection against rootkits
Scope of Impact: Lenovo-specific
CVE Identifier: CVE-2017-3771
The system boot process is not adequately secured because systems were shipped from the factory without completing the BIOS/UEFI initialization process.
Mitigation Strategy for Customers (what you should do to protect yourself):
Upgrade BIOS/UEFI to version M16KT40A or later. Refer to the Product Impact section below and download the appropriate upgrade package for your model.
Users who want to remain on an older BIOS/UEFI version may complete the initialization process manually by following these steps: