Secure BIOS/UEFI Set-up Incomplete in Lenovo E95 and ThinkCentre M710s/M710t - Lenovo Support US

Lenovo Security Advisory: LEN-17417

Potential Impact: Unauthorized bootloader allowed to run during system boot, reducing protection against rootkits

Severity: Medium

**Scope of Impact:**Lenovo-specific

**CVE Identifier:**CVE-2017-3771

Summary Description:

System boot process is not adequately secured because systems were shipped from factory without completing BIOS/UEFI initialization process.

Mitigation Strategy for Customers (what you should do to protect yourself):

Upgrade BIOS/UEFI to version M16KT40A or later. Refer to the Product Impact section below and download the appropriate upgrade package for your model.

Users who want to remain on an older BIOS/UEFI version may complete the initialization process manually by following these steps:

1. Boot to BIOS/UEFI setup
2. In the menu select “Security”, then “Secure Boot”
3. Select “Restore factory keys”
4. Save changes and exit