We all know very well that increasingly the manufacturers choose to incorporate biometric sensors into their equipment simply to ensure an additional level of security. However, now according to the latest reports, Lenovo shipped a hackable fingerprint manager along with its laptops to users.
Lenovo Shipped A Hackable Fingerprint Manager With Its Laptops
Increasingly, manufacturers choose to incorporate biometric sensors into their equipment, which can ensure additional levels of security and provide firm protection to users.
However, as they depend on software, these systems are exposed to problems and failures. This is precisely what happens now with several models of the ThinkPad line and its fingerprint reader.
The ThinkPad security issue
It was Lenovo itself that disclosed the serious flaw that exists in Fingerprint Manager Pro, its fingerprint management software, that could allow unauthorized access to sensitive user data such as Windows credentials and access data to Internet sites.
According to the mark, this application protects the data using a weak cypher algorithm and still has a master password, which can also be easily obtained. Any system user, even without administrator permissions, can gain access to this data.
The good news is that this flaw only affects Windows 7, Windows 8 and Windows 8.1. In the case of Windows 10, the failure does not exist because Lenovo chose to use the Windows engines. There is also an indication that this failure requires physical access to the equipment to be exploited.
Models affected by this failure
Lenovo has well-identified equipment that is vulnerable to the presence of the Fingerprint Manager Pro, and has shared the list where the affected models are indicated and here are the models mentioned below:-
- ThinkPad L560
- ThinkPad P40 Yoga, P50s
- ThinkPad T440, T440p, T440s, T450, T450s, T460, T540p, T550, T560
- ThinkPad W540, W541, W550s
- ThinkPad X1 Carbon (Type 20A7, 20A8), X1 Carbon (Type 20BS, 20BT)
- ThinkPad X240, X240s, X250, X260
- ThinkPad Yoga 14 (20FY), Yoga 460
- ThinkCentre M73, M73z, M78, M79, M83, M93, M93p, M93z
- ThinkStation E32, P300, P500, P700, P900
The solution has already been released
To resolve the problem Lenovo changed the points of failure identified in Fingerprint Manager Pro and has already released a new version where the problem does not exist.
This is why everyone is advised to upgrade to the latest version available on this page. All you have to do is install the new version to eliminate the problem.
Despite being a major flaw, with major implications for user data security, Lenovo was quick to respond and presented the solution to mitigate the problem.
So, what do you think about this major security flaw? Simply share all your views and thoughts in the comment section below.