ThinkPwn a security threat for the ThinkPad series

ThinkPwn a security threat for the ThinkPad series

ThinkPwn a security threat for the ThinkPad seriesWindows security features such as Virtual Secure Mode, Secure Boot etc. are be contingent on low-level firmware been tamper-proof. An exploit that can disable the write-protection on critical firmware in ThinkPads from Lenovo.

The firmware labeled ThinkPwn was published earlier this week for which there is no patch available at the time of release. It targets flaw in the UEFI (Unified Extensible Firmware Interface) driver and giving access the hacker to execute rough codes in the SMM (System Management Mode) by disabling the write protection. UEFI is meant to standardize modern computer firmware through a reference specification. It is designed as a standby for the BIOS (Basic Input/Output System).

ThinkPwn is executed as a UEFI application which can be accomplished from a flash drive with the help of UEFI shell which require a physical connection to the machine. The PC manufacturers take enactments from IBVs (Independent Bios Vendors) and customize them themselves. Lenovo has betrothed its IBVs and Intel as well to classify and discard any vulnerabilities in the BIOS.

This susceptibility might affect other manufacturers as well. According to a report, the old Intel code having this kind of imperfection is present in the OEM of other IBVs.

leave a reply


2950 North Loop West Suite 500 Houston TX – 77092

+1 (832) 426-2567



Level 2, Prestige Omega, No. 104, EPIP Zone, Whitefield Bangalore – 560066 Karnataka

+91 70226 09430



1IT Enterprise a Technology Magazine which is focused on bridging the gap between Enterprises World and the insights based on success stories of established entrepreneurs.

Follow Us

Back to Top