Lenovo Is In A Bundle Of Trouble … Again

Source: The Register Lenovo Is In A Bundle Of Trouble … Again

Stop Me If You’ve Heard This One Before

You might recall SuperFish from years back, or perhaps it was when Lenovo chose to hard code 12345678, the third most popular password of 2015, to protect their ShareIT application, or the vulnerabilities in their Accelerator support app or possibly even the issue with the Lenovo System Update but chances are you have heard of security issues with the applications bundled with your fancy Lenovo device.

Not one to back down from a challenge, we now have a new privilege escalation vulnerability on Lenovo products via the Lenovo Solution Centre, one which has been around since 2011.  This revelation did spur immediate action on Lenovo’s part, as they quickly moved back the EoL date for the product from November of last year to April.   The Register noticed there was something a little fishy with this, seeing as how the last update was pushed out in October which is a strange thing to do for an EoL product.

Long story short, if you have Lenovo Solution Centre installed on any of your machines, take a moment to uninstall it.

Uninstall Lenovo Solution Centre, and if you're really keen you can install Lenovo Vantage and/or Lenovo Diagnostics to retain the same branded functionality, albeit without the priv-esc part.

Video News

About The Author

Jeremy Hellstrom

Call it K7M.com, AMDMB.com, or PC Perspective, Jeremy has been hanging out and then working with the gang here for years. Apart from the front page you might find him on the BOINC Forums or possibly the Fraggin' Frogs if he has the time.


  1. James

    I kind of wrote them off as a massive security risk a long time ago. I am not sure I trust the other companies much more though. I guess when my old MacBook Pro dies, I might have to just get a new MacBook Pro. My current MacBook can’t be updated to the newest OS version but it still mostly handles what I use it for even though it is a core 2 duo (old 17 inch model). I have looked at some boutique makers though. I thought of getting a large linux laptop for work, but I have traveled with a large dell brick before and I don’t think I want something that heavy. Perhaps I should just get a iPad Pro and call it good.

  2. psuedonymous

    “but chances are you have heard of security issues with the applications bundled with your fancy ThinkPad.”

    Superfish et al were confined to the consumer models only, not present on business models (ThinkPad/ThinkCentre/etc).

    • Jeremy Hellstrom

      Fair point … will edit.

      Solution Centre on the other hand, though.


Leave a reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Podcasts

Archive & Timeline

Previous 12 months
Explore: All The Years!