Once again Lenovo is caught shipping PCs with dangerous crapware.–PC Pitstop
Lenovo Installing Immortal Crapware
by Bob Rankin
Lenovo has again been caught playing fast and loose with customers’ privacy and security. First, it was Superfish. Now, it’s vulnerable crapware that won’t go away, even if you reformat or replace your hard drive. Read on for the full story…
Lenovo Strikes (out) Again
In February of this year, I described how computer maker Lenovo was shipping laptops with adware that puts all of your Web browsing sessions at risk of hacking. Just as the furor over Superfish died down, Lenovo has been caught doing something even more egregious.
In 2011, Microsoft added a feature to Windows called Windows Platform Binary Table (WPBT). It allows computer vendors like Lenovo to store software in a PC’s firmware and inject it into the Windows system files upon startup. Such software is practically undetectable and “immortal.”
Reformatting or even replacing a hard drive will have no effect on software stored in firmware. In addition, software stored in firmware cannot be detected by ordinary anti-malware programs.
That’s because firmware resides on a chip on the computer’s motherboard, and not the hard drive. It cannot be erased without flashing the firmware ROM, an operation normally done only to update the system BIOS.
WPBT is intended to make computers more secure. Computer makers have the ability to embed security and license-verification software in firmware, where it cannot be erased by a virus or software pirate. But Lenovo went a step further than Microsoft intended.