this post was submitted on 06 Jul 2025
17 points (100.0% liked)

Pulse of Truth

1294 readers
24 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 2 years ago
MODERATORS
 

A significant security vulnerability has been discovered in Lenovo’s preloaded Windows operating systems, where a writable file in the Windows directory enables attackers to bypass Microsoft’s AppLocker security framework.  The issue affects all variants of Lenovo machines running default Windows installations and poses serious implications for enterprise security environments. The vulnerability centers around the MFGSTAT.zip […] The post Writable File in Lenovo’s Windows Directory Enables a Stealthy AppLocker Bypass appeared first on Cyber Security News.

top 1 comments
sorted by: hot top controversial new old
[–] mriswith@lemmy.world 2 points 1 day ago* (last edited 1 day ago)

So not only does Lenovo hide executables in alternate data streams, that can be launched as if ran from within the Windows folder. It's writable by logged in users. And it was first discovered six years ago, and is still there.

On top of that, Lenovo is apparently not going to release any patches, they're just going to give out some "remediation guidance".

I live on the other side of the world from their HQ, and I can hear the lawyers screaming and paralegals furiously typing.