The company has published details of a dangerous vulnerability found in the UEFI firmware of more than a hundred of its branded laptop models. By exploiting a developer error, attackers could install malware that is almost impossible to remove and hard to detect with standard tools.
Three such vulnerabilities (CVE-2021-3970, CVE-2021-3971 and CVE-2021-3972) were discovered by ESET security researchers back in October last year. The first lets an attacker with local access to the device launch malicious firmware that puts the PC into an elevated mode of operation.

The other two are related to test drivers “forgotten” in the factory UEFI image. They allow an attacker to disable Secure Boot and install low-level malware on the computer, as well as to execute arbitrary code with elevated privileges.
“UEFI threats can be extremely difficult to detect and dangerous. They are executed at the beginning of the boot process, before control is transferred to the operating system, and are able to bypass almost all security measures that could prevent an attack at the OS level,” says ESET employee Martin Smolar.
Although all of these “holes” require local access to the device, Lenovo has recommended that users of laptops on the list of affected models (about 100 models and roughly a million devices shipped) update their UEFI firmware. This can be done with Lenovo's own update utility or manually, by downloading the new firmware version from the official website.
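For administrators who need to confirm the update across a fleet rather than trust a single laptop's update dialog, the added example below (not ESET's or Lenovo's code) reads the firmware version and the Secure Boot state of a Linux host from sysfs and efivarfs and reports whether the machine still needs attention. The model-to-fixed-version inventory in it is a constructed placeholder: the real values come from the vendor advisory, which this page does not reproduce.

```python
"""Added fleet check: flag hosts that still run pre-fix UEFI firmware or boot
with Secure Boot disabled. Linux-only paths; the inventory is a placeholder."""
from pathlib import Path

# Placeholder inventory: model name -> firmware versions that carry the fix.
# Constructed example values; populate from the vendor advisory for real use.
FIXED_FIRMWARE = {
    "EXAMPLE-MODEL-A": {"FIXED-A-1", "FIXED-A-2"},
    "EXAMPLE-MODEL-B": {"FIXED-B-1"},
}

# SecureBoot lives in the EFI global variable namespace (this GUID is the
# standard one); efivarfs exposes it as a file.
SECURE_BOOT_VAR = Path(
    "/sys/firmware/efi/efivars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c"
)


def parse_efivar_bool(raw: bytes):
    """efivarfs prepends 4 bytes of variable attributes to the data; the
    SecureBoot variable's data is one byte, 1 = enforcing. None if malformed."""
    if len(raw) < 5:
        return None
    return raw[4] == 1


def read_text(path: Path, default: str = "") -> str:
    """Read a sysfs string, returning default if the file is missing."""
    try:
        return path.read_text(encoding="utf-8", errors="replace").strip()
    except OSError:
        return default


def assess(product: str, bios_version: str, secure_boot, inventory=FIXED_FIRMWARE):
    """Return the list of findings for one host; an empty list means nothing to do."""
    findings = []
    if product not in inventory:
        findings.append(f"model {product!r} not in inventory; check the vendor list manually")
    elif bios_version not in inventory[product]:
        findings.append(f"firmware {bios_version!r} is not a fixed build for {product!r}; update UEFI")
    if secure_boot is None:
        findings.append("Secure Boot state unreadable (legacy BIOS boot or no efivarfs)")
    elif not secure_boot:
        findings.append("Secure Boot is disabled; expected enabled after the update")
    return findings


def check_host():
    """Collect model, firmware version and Secure Boot state from the running host."""
    dmi = Path("/sys/class/dmi/id")
    # On many vendors product_version carries the marketing name while
    # product_name is a machine-type code; fall back to whichever is present.
    product = read_text(dmi / "product_version") or read_text(dmi / "product_name")
    bios = read_text(dmi / "bios_version")
    try:
        secure_boot = parse_efivar_bool(SECURE_BOOT_VAR.read_bytes())
    except OSError:
        secure_boot = None
    return assess(product, bios, secure_boot)


if __name__ == "__main__":
    for line in check_host() or ["OK: fixed firmware and Secure Boot enabled"]:
        print(line)
```

Run it as root (efivarfs is readable only by privileged users on most distributions) and feed the findings into whatever inventory system you already use; an empty result for every host is the state the advisory asks for. Because the vulnerable drivers let Secure Boot be switched off from software, a "disabled" finding on a machine that was previously enforcing is worth investigating, not just re-enabling.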