Lenovo Security Advisory: LEN-17417
Potential Impact: Unauthorized bootloader allowed to run during system boot, reducing protection against rootkits
Severity: Medium
**Scope of Impact:**Lenovo-specific
**CVE Identifier:**CVE-2017-3771
Summary Description:
System boot process is not adequately secured because systems were shipped from factory without completing BIOS/UEFI initialization process.
Mitigation Strategy for Customers (what you should do to protect yourself):
Upgrade BIOS/UEFI to version M16KT40A or later. Refer to the Product Impact section below and download the appropriate upgrade package for your model.
Users who want to remain on an older BIOS/UEFI version may complete the initialization process manually by following these steps: