Get Even More Visitors To Your Blog, Upgrade To A Business Listing >>

Lenovo Vulnerability May Let Hackers Bypass Fingerprint Sensors


Lenovo has detailed a new security vulnerability discovered in its Fingerprint Manager Pro software that may allow hackers to bypass the fingerprint sensor on some Lenovo PCs. The severity of this vulnerability is high and it’s specific to the company’s machines. Select models from the company’s Thinkpad, ThinkStation, and ThinkCentre lines are affected by this vulnerability but there’s no waiting for a fix, fortunately, because Lenovo has already released one.

Lenovo detailed that a vulnerability was discovered in the Fingerprint Manager Pro Software which put sensitive data stored by the software at risk. Lenovo Fingerprint Manager Pro is a utility for Windows 7, Windows 8, and Windows 8.1 that enables users to log into their PCs and authenticate configured websites with fingerprint recognition.

The data it stores include Windows logon credentials and fingerprint data. It was encrypted using a weak algorithm and contained a hard-coded password that was accessible to all users with local non-administrative access to the system it’s installed in.

Since exploiting the vulnerability required local access, nobody could exploit it remotely over the internet, the attacker had to bypass the fingerprint security in person and that meant having physical access to the machine.

The full list of affected models is available on Lenovo’s website. The company has already released an updated version of the utility which fixes this vulnerability.

Lenovo Vulnerability May Let Hackers Bypass Fingerprint Sensors , original content from Ubergizmo. Read our Copyrights and terms of use.


This post first appeared on Ubergizmo, please read the originial post: here

Share the post

Lenovo Vulnerability May Let Hackers Bypass Fingerprint Sensors

×

Subscribe to Ubergizmo

Get updates delivered right to your inbox!

Thank you for your subscription

×