Lenovo has been found to be installing software on their Windows PCs that cannot be removed by their users unless they download a special patch and tool. The software is automatically downloaded on those systems even if their owners perform a clean install of Windows.
Here's the summary of what those affected Lenovo PCs have been downloading and why, as reported by The Next Web:
Lenovo used the "Windows Platform Binary Table" developed by Microsoft, to deliver its software on its PCs. It's designed to send and install software from the BIOS to the system and will stick around even with a clean install of Windows.
As it turns out, Lenovo was apparently aware of a "security vulnerability" earlier in 2015 in its Lenovo Service Engine after it was alerted by a researcher. It has since released a BIOS update to disable the service engine, along with a software tool designed to remove any services and files sent via that engine. The files are available for Lenovo notebooks as well as the company's desktops. A list of affected Lenovo PCs are available at both download sites. Lenovo added that the service engine is no longer being installed on the company's new PCs.
From the Lenovo Press Release on the issue:
Lenovo specifically mentions that the "software does not come loaded on any Think-branded PCs."
This is the second time this year Lenovo has been found to have installed software on their PCs without previously informing their customers. In the fall of 2014, the company pre-installed the Superfish software on some of its notebooks. Users later discovered the application placed third-party ads on Google search results and other websites, and also used a root certificate that was quickly cracked by security researchers. After this was revealed to the public in 2015, Lenovo apologized and offered PC owners with the Superfish program a way to delete both the software and the certificate.
Source: The Next Web
Get the Windows Central Newsletter
All the latest news, reviews, and guides for Windows and Xbox diehards.