Lenovo is warning of high-severity BIOS flaws that could let attackers bypass Secure Boot on all-in-one desktops that ship customized Insyde UEFI firmware. Insyde also published a bulletin explaining that the flaws stem from OEM-specific customizations Lenovo made to its InsydeH2O UEFI firmware images and do not apply to all systems built on InsydeH2O.

The flaws, discovered by Binarly, mirror those the researchers disclosed earlier this month in dozens of Gigabyte motherboard models, which allow a local attacker to execute arbitrary code in System Management Mode (SMM).

Lenovo has released firmware security updates for IdeaCentre AIO 3 models and urges users to upgrade to version O6BKT1AA.

"The newly identified Lenovo vulnerabilities arise from the same recurring challenges tied to inconsistencies within the software supply chain," Binarly's Alex Matrosov told BleepingComputer.

UEFI is the modern replacement for the traditional PC BIOS: the firmware interface between a computer's hardware and its operating system that controls early initialization and booting. SMM is a highly privileged CPU mode that runs firmware code invisibly to the operating system, so exploiting flaws in SMM handlers lets an attacker tamper with the firmware's own protections. That is why such bugs can be used to bypass Secure Boot and to plant 'undetectable' malware that sits below, and out of reach of, OS-level security defenses.

Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks.
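The only action the article gives a defender is to confirm the firmware build. The following script is an added example, not code from the article, Lenovo, Insyde or Binarly: it parses SMBIOS Type 0 data in the layout printed by `dmidecode -t bios`, reports whether the build string matches the fixed version named above (O6BKT1AA), and decodes the `SecureBoot` EFI variable as exposed by Linux efivarfs. The dmidecode output embedded below is constructed, and the build string `O6BKT0AA` in it is a placeholder for an unpatched build, not a real Lenovo release.

```python
"""Check a Lenovo IdeaCentre AIO 3 against the fixed firmware build named in
Lenovo's advisory, and read the Secure Boot state the firmware reports.
Added example; not code from the article or any vendor."""
import re
import subprocess

# Firmware build the article names as fixed for IdeaCentre AIO 3.
FIXED_VERSION = "O6BKT1AA"

# GUID of the EFI_GLOBAL_VARIABLE namespace that holds the SecureBoot variable.
EFI_GLOBAL_VARIABLE_GUID = "8be4df61-93ca-11d2-aa0d-00e098032b8c"

# Constructed sample of `dmidecode -t bios` output. The Version string is a
# placeholder for an unpatched build, not a real Lenovo release string.
SAMPLE_DMIDECODE = """\
# dmidecode 3.5
Getting SMBIOS data from sysfs.
SMBIOS 3.3.0 present.

Handle 0x0000, DMI type 0, 26 bytes
BIOS Information
\tVendor: LENOVO
\tVersion: O6BKT0AA
\tRelease Date: 02/14/2025
\tROM Size: 16 MB
\tCharacteristics:
\t\tPCI is supported
\t\tUEFI is supported
\tBIOS Revision: 1.0
"""


def parse_bios_info(text):
    """Pull the SMBIOS Type 0 fields of interest out of dmidecode output."""
    info = {}
    for key in ("Vendor", "Version", "Release Date"):
        m = re.search(rf"^[ \t]*{re.escape(key)}:[ \t]*(.+?)[ \t]*$", text, re.M)
        if m:
            info[key] = m.group(1)
    return info


def firmware_status(info, fixed=FIXED_VERSION):
    """Return 'fixed', 'needs-review' or 'unknown'.

    Lenovo build strings are opaque identifiers, so only an exact match is
    treated as fixed. Any other Lenovo build (including one newer than the
    advisory) is flagged for manual comparison rather than ordered lexically.
    """
    vendor = info.get("Vendor", "").upper()
    version = info.get("Version", "")
    if "LENOVO" not in vendor or not version:
        return "unknown"
    return "fixed" if version.upper() == fixed.upper() else "needs-review"


def secure_boot_enabled(raw):
    """Decode the SecureBoot variable as efivarfs exposes it: a 4-byte
    little-endian attribute word followed by the variable data, which is a
    single byte (1 = enabled). Returns None for a malformed blob."""
    if len(raw) < 5:
        return None
    return raw[4] == 1


def read_secure_boot_live():
    """Read the live variable; None if there is no efivarfs or no permission."""
    path = f"/sys/firmware/efi/efivars/SecureBoot-{EFI_GLOBAL_VARIABLE_GUID}"
    try:
        with open(path, "rb") as f:
            return secure_boot_enabled(f.read())
    except OSError:
        return None


def read_bios_info_live():
    """Run dmidecode on the local machine (needs root to read DMI tables)."""
    out = subprocess.run(["dmidecode", "-t", "bios"],
                         capture_output=True, text=True, check=True).stdout
    return parse_bios_info(out)


if __name__ == "__main__":
    info = parse_bios_info(SAMPLE_DMIDECODE)
    print(info, "->", firmware_status(info))
    # Constructed blob: attributes BS|RT (0x06), value 1.
    print("Secure Boot enabled (sample blob):",
          secure_boot_enabled(b"\x06\x00\x00\x00\x01"))
```

On Windows the equivalent inputs come from `Get-CimInstance Win32_BIOS` (the `SMBIOSBIOSVersion` property) and `Confirm-SecureBootUEFI`. Note what this check can and cannot tell you: the Secure Boot value is whatever the firmware reports, and an implant that already runs in SMM sits beneath the OS and can report anything it likes, so the script is a patch-status check, not evidence that a machine is uncompromised.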
This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 30 Jul 2025 14:55:10 +0000