Lenovo Solution Center gets patched after discovering major vulnerabilities

Lenovo advertises its Lenovo Solution Center (LSC) software as a one-stop place for checking on updates, system status, current network connections, and system security features. While this can potentially add value for the consumer, it can also open up vulnerabilities and dangers. Lenovo must swiftly update its software with security patches if or when holes are discovered. Unfortunately, not all users running LSC will manually or automatically update the software, which has made it a popular target for hackers especially since it can also grant high authorization levels for outside users.

A recent flaw in LSC has once again opened up the software to multiple security issues. The update is of "High" priority according to LSC as the vulnerabilities can also affect anti-virus programs and allow unauthorized users to control part of the system and execute malicious code. This level of control is normally extremely difficult on other notebooks since the Windows operating system takes more stringent security measures, but LSC lets hackers slip through some of Windows' built-in features.

Lenovo is urgently advising all of its users to update to 3.3.003 since all previous versions are affected. Launching LSC or the Lenovo System Update Utility should automatically inform users of the update.

The Chinese manufacturer was quick to respond to the vulnerability discoveries claiming that LSC is relatively safe compared to other pre-installed programs.

Source(s)