Lenovo Acknowledges Vulnerabilities In Its Fingerprint Manager Pro Software, Releases Update!

by Jed John 0

Lenovo‘s laptop business can be credited to be the aspect which keeps the company afloat despite a turbulent era which the smartphone arm faced recently. The company is only second to HP in terms of market shares in the laptop business. One attractive feature of Lenovo’s laptop line is the Fingerprint authentication which it packs. But recently Lenovo has acknowledged that the fingerprint authentication software dubbed Fingerprint Manager Pro (version 8.01.86) has security holes that allow attackers to access any system equipped with the application. The Lenovo Fingerprint Manager Pro is a utility that allows users to log into their laptop and configured websites by using the fingerprint. The affected family models include Lenovo’s ThinkPad, ThinkCentre, and ThinkStation laptops.Lenovo Thinkpad

 A statement released by Lenovo reads thus, “A vulnerability has been identified in Lenovo Fingerprint Manager Pro. Sensitive data stored by Lenovo Fingerprint Manager Pro, including users’ Windows logon credentials and fingerprint data, is encrypted using a weak algorithm, contains a hard-coded password, and is accessible to all users with local non-administrative access to the system it is installed in.”

The vulnerability was reportedly discovered by Jackson Thuraisamy, a senior security consultant with Security Compass. The vulnerability does not affect Lenovo’s laptops running Microsoft Windows 10.1 because Windows 10 comes with support for fingerprint reader technology. However, it affects a dozen Lenovo laptop models that run versions of Microsoft Windows 7, 8 and the 8.1 operating system. The statement also lists the models affected to include;

  • ThinkPad L560
  • ThinkPad P40 Yoga, P50s
  • ThinkPad T440, T440p, T440s, T450, T450s, T460, T540p, T550, T560
  • ThinkPad W540, W541, W550s
  • ThinkPad X1 Carbon (Type 20A7, 20A8), X1 Carbon (Type 20BS, 20BT)
  • ThinkPad X240, X240s, X250, X260
  • ThinkPad Yoga 14 (20FY), Yoga 460
  • ThinkCentre M73, M73z, M78, M79, M83, M93, M93p, M93z
  • ThinkStation E32, P300, P500, P700, P900

Also Trending: OPPO Will Be Among The First Manufacturers To Release A 5G Smartphone: CEO

 If you own any of the Lenovo models listed above, you need not worry as the company has created a fix in form of an update. Customers who own any of the affected models are urged to update Fingerprint Manager Pro to version 8.01.87 or later.

(source)