Most computers that ship with Windows also ship with some third-party software installed by the PC maker. Some of that software can be useful, including drivers for touchpads, cameras, wireless cards, and other hardware. Some is less useful, including pre-installed free trial security or office software.

You’d think that one way to get rid of all those apps would be to completely re-install Windows. But if you have a recent Lenovo laptop, that might not be enough. As some users have noticed, Lenovo included a tool in the BIOS on many of its laptops that automatically replaces a Windows system file and causes the computers to download Lenovo’s software.

Don’t like the idea of Lenovo hijacking your clean install of Windows? There’s an optional update that disables the service.


Theoretically, Lenovo’s software could provide a way to make sure your computer has all the software it needs to run properly. Microsoft allows PC makers to do this sort of thing.

So why is Lenovo letting users disable the service? Because it’s also been identified as the source of a security vulnerability, since it opens the door for someone to install malware on your computer.

Lenovo says affected computers include a number of systems that have shipped with Windows 7, Windows 8.1 and Windows 10 software including the Flex 2 Pro, Flex 3 11, Flex 3 14, IdeaPad S21e, Yoga 3 11, Yoga 3 14, and others.

It’s worth noting that Lenovo could have opted to patch the security vulnerability and continued replacing Microsoft’s updater with its own software. But instead the company chose to issue a patch that disables the process altogether.

Maybe the company really did learn something from the Superfish debacle earlier this year.

via Hacker News and TNW



5 replies on “Some Lenovo laptops install software even after you clean install Windows (but there’s a fix)”

  1. Let’s be clear what is going on here. Lenovo is/was abusing the WPBT table which is ‘supposed’ to let PC manufacturers install required drivers. The table details a location in memory where an application can be downloaded from – it does need to be appropriately signed/timestamped, but then Windows will happily run it.

    So there are a number of potential problems:
    1). _Any_ BIOS can include this WPBT in ACPI list at any time in the future… maybe after a secret knock on the network interface.
    2). The table includes space for additional command parameters, which aren’t signed.
    3). It’s not like the security researchers haven’t already been flashing network cards to mess with ACPI tables/values.
    4). It’s probably not hard to find a signed binary to include; just tailor its operation with the command parameters.

    I think that Lenovo may have accidentally lifted the lid on a whole new class/round of malware…

    1. If it is as you describe it, an easy to abuse/exploit hole in Windows, then the real villain here is (once again) Microsoft – for providing this hole in the first place. Yes Lenovo is Evil too. But as long as you leave your door unlocked, sooner or later some unwanted person is going to walk through it. Microsoft left that door unlocked.

  2. wth, Lenovo…this will probably make me not buy any Lenovo or Zuk phones either. this can’t possibly be worth it to them

  3. Wow, this means Lenovo doesn’t learn from the past. I really don’t want to buy a Lenovo PC including their ThinkPad and ThinkStation brands (who knows what really is “included” despite their claims about their business line).

    Lenovo == Shady
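
The first comment above names the ACPI table involved, the WPBT. As an added example (not code from the article, the commenters, Lenovo or Microsoft), this Python parser decodes a raw WPBT table using the field layout in Microsoft's published WPBT format, so an administrator can see whether firmware publishes one and what it hands to Windows. The sample table, its OEM IDs, address and argument string are constructed.

```python
import struct

# Standard 36-byte ACPI table header, then the WPBT-specific fields.
ACPI_HEADER = struct.Struct("<4sIBB6s8sI4sI")
WPBT_FIELDS = struct.Struct("<IQBBH")  # handoff size, handoff address, layout, type, args length

def parse_wpbt(raw: bytes) -> dict:
    """Decode a raw WPBT table and return the fields worth auditing."""
    fixed = ACPI_HEADER.size + WPBT_FIELDS.size
    if len(raw) < fixed:
        raise ValueError("too short to be a WPBT table")
    sig, length, _rev, _sum, oem_id, oem_table, *_ = ACPI_HEADER.unpack_from(raw)
    if sig != b"WPBT":
        raise ValueError("signature is not WPBT")
    if not fixed <= length <= len(raw):
        raise ValueError("header length field is inconsistent with the data")
    table = raw[:length]
    size, addr, layout, ctype, args_len = WPBT_FIELDS.unpack_from(table, ACPI_HEADER.size)
    if fixed + args_len > length:
        raise ValueError("argument string runs past the end of the table")
    args = table[fixed:fixed + args_len].decode("utf-16-le", "replace").rstrip("\x00")
    return {
        "oem_id": oem_id.rstrip(b"\x00 ").decode("ascii", "replace"),
        "oem_table_id": oem_table.rstrip(b"\x00 ").decode("ascii", "replace"),
        "handoff_size": size,
        "handoff_address": addr,
        "content_layout": layout,
        "content_type": ctype,
        "arguments": args,
        # ACPI checksum: all bytes sum to 0 mod 256. Catches corruption, not tampering.
        "checksum_ok": sum(table) % 256 == 0,
    }

def build_sample(arguments: str) -> bytes:
    """Constructed sample table (made-up OEM IDs, address and arguments)."""
    arg_bytes = arguments.encode("utf-16-le") + b"\x00\x00"
    length = ACPI_HEADER.size + WPBT_FIELDS.size + len(arg_bytes)
    header = ACPI_HEADER.pack(b"WPBT", length, 1, 0, b"SAMPLE", b"EXAMPLE", 1, b"TEST", 1)
    fields = WPBT_FIELDS.pack(0x20000, 0x7F000000, 1, 1, len(arg_bytes))
    table = bytearray(header + fields + arg_bytes)
    table[9] = -sum(table) % 256  # fix up the checksum byte
    return bytes(table)

if __name__ == "__main__":
    # On Linux, firmware tables are exposed under /sys/firmware/acpi/tables/
    # (root only); here the constructed sample is used instead.
    for key, value in parse_wpbt(build_sample("/constructed-flag")).items():
        print(f"{key}: {value}")
```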
