As we all know that Lenovo Group Ltd. is a Chinese multinational technology company with headquarters in Beijing, China, and Morrisville, North Carolina, United States and recently Lenovo fixed a dangerous vulnerability in Lenovo Solution Center (LSC).
Lenovo Fixed A Dangerous Vulnerability In Lenovo Solution Center
[dropcap]The[/dropcap] tech giant Lenovo has corrected a dangerous vulnerability in its software tool Lenovo Solution Center (LSC). This time, Lenovo Solution Centre (LSC) software has been found to have a vulnerability that would allow anyone with local network access to the PC to execute arbitrary code on Windows and can gain complete control over the OS, as well as they can also use the software to elevate their privileges and then trick Lenovo Solution Center (LSC) into running the arbitrary code when starting up its service.
Lenovo Solution Center (LSC) is an application which comes pre-installed on many PCs and laptops from Lenovo production. The tool allows you to check the status of the firewall and the battery to back up your files, update the software, test hardware and obtain information about the warranty service of your product. The tool consists of two components, a graphical user interface, and LSC TaskService, it is the service running in the background even if the user interface is not running.
A statement from a spokesperson for Lenovo said that “In keeping with industry best practices, Lenovo moved rapidly to ready a fix and on April 26 it updated its security advisory disclosing this additional vulnerability and the availability of a fix that addressed it”
As soon as the Lenovo aware of this vulnerability, Lenovo moved rapidly to ready a fix and released a fix which can be downloaded by visiting the software’s page on their official website. The problem was fixed in version Lenovo Solution Center (LSC) 3.3.002. This case is not the first when the Lenovo Solution Center (LSC) detected this vulnerability (the first flaw was fixed in December last year).
Lenovo has not released a new notification about the problem, but simply updated the existing. Customers who have the Lenovo Solution Center (LSC) in auto update mode will be able to update the program simply when they open it and for the others, they have to install the update manually. As we mentioned earlier that the users can simply download the patch from the official website of Lenovo.