Lenovo Machines Vulnerable To Bypass Fingerprint Scanner.
A Fingerprint vulnerability exists in Lenovo systems. If you have older version of Lenovo Fingerprint Manager Pro for Windows 8.1 (32-bit, 64-bit), 8 (32-bit, 64-bit), 7 (32-bit, 64-bit) - ThinkPad, ThinkCentre, Workstation. Hackers could bypass fingerprint scanner by using a hardcoded password and access the victim computer system.
Company acknowledge the vulnerability which affects the lenovo systems.
A vulnerability has been identified in Lenovo Fingerprint Manager Pro. Sensitive data stored by Lenovo Fingerprint Manager Pro, including users’ Windows logon credentials and fingerprint data, is encrypted using a weak algorithm, contains a hard-coded password, and is accessible to all users with local non-administrative access to the system it is installed in.
Lenovo Fingerprint Manager Pro is a utility for Windows 7, 8 and 8.1 that allows users to log into their PCs or authenticate to configured websites using fingerprint recognition. Mitigation Strategy for Customers (what you should do to protect yourself): Update Fingerprint Manager Pro to version 8.01.87 or later.
Product Impact: Note: Models with Windows 10 are not affected. Windows 10 systems instead use Microsoft's built-in fingerprint reader support.
Lenovo Fingerprint Manager Pro may be installed on the following systems:
- ThinkPad L560
- ThinkPad P40 Yoga, P50s
- ThinkPad T440, T440p, T440s, T450, T450s, T460, T540p, T550, T560
- ThinkPad W540, W541, W550s
- ThinkPad X1 Carbon (Type 20A7, 20A8), X1 Carbon (Type 20BS, 20BT)
- ThinkPad X240, X240s, X250, X260
- ThinkPad Yoga 14 (20FY), Yoga 460
- ThinkCentre M73, M73z, M78, M79, M83, M93, M93p, M93z
- ThinkStation E32, P300, P500, P700, P900
How to Fix?
Update Fingerprint Manager Pro to version 8.01.87 or later.
The important thing is that how much we aware about Computer Security.