Lenovo used a hidden Windows feature to ensure its software could not be deleted
Category : CyberSecurity
A recently uncovered feature – which had been swept under the rug – allowed new Lenovo laptops to use new Windows features to install the company’s software and tools even if the computer was wiped.
The oddity was first noted by Ars Technica forum user ‘ge814‘ and corroborated by Hacker News user ‘chuckup.’
The users discovered the issue in May when using a new Lenovo laptop that automatically and covertly overwrote a system file on every boot, which downloaded a Lenovo updater and installed software automatically, even if Windows was reinstalled from a DVD.
The only problem is that nobody actually asked for this software, and it persisted between clean installs of Windows. Lenovo was essentially exploiting a rootkit on its own laptops to ensure its software persists if wiped.