A wide range of Lenovo laptop models has been fixed on a high severity vulnerability that allowed hackers with physical access to log in and then obtain users’ sensitive data and Windows login credentials.
Lenovo confirmed the vulnerability in its Fingerprint Manager Pro software that comes bundled in most of its Think models. ThinkPad, ThinkCentre, and ThinkStation Lenovo models are the models which are typically made with the vulnerability residing in the Lenovo Fingerprint Manager Pro.
Users’ Windows login credentials and fingerprint data are the sensitive data stored by Lenovo Fingerprint Manager Pro, and it is said to be encrypted using a weak algorithm, containing a hard-coded password. As we all know weak encryption algorithm makes it easy and possible for someone with local non-administrative access to read Windows Login credentials and fingerprint data for malicious reasons.
However, even if you logged in on the PC, you won’t be able to access all personal or financial details. Sites such as www.houseofjack.com use the latest Secure Sockets Layer (SSL) encryption technology to ensure your information is safe online.
This is quite a tragedy to think of how many people use these models and how many could have, or are in the process of being hacked. With this being the case the company is urging people to upgrade to version 8.01.87 because this version has a better encryption algorithm. This vulnerability only targets people with machines running Windows 7, and Windows 8.1, so for a Windows 10 user ‘you are on a safe side’.
To perform the hack, hackers exploit the security hole by having physical access to an affected machine, so to stay safe the Lenovo users should make sure there is no Shifty Steve anywhere close to their computers. Although physical access is required to exploit the vulnerability it is always safe to be sure that you are free from hackers online as well. A VPN can help with this and you may want to look at ipvanish reviews, as well as the reviews of other providers to find one that is good for you. One of the main ways hackers gain access to your data is through public internet access points like 5G or airport wi-fi. They read your data as it is passed from your computer through to the internet servers, but a VPN encrypts this data as it is passed which makes it harder for hackers to access it. So it’s important to invest in protections like these, especially if you are taking part in activities like real money online gambling using your credit card information. Windows login credentials are designed specifically to safeguard the user against scenarios where a user loses control of their hardware.