Format-resistant software

The Lenovo Company tricked Windows anti-theft mechanism that checks firmware for executable files. They are pushing a lot of junky and insecure software that will be installed on your new reinstalled OS.

This is not the first time when Lenovo was caught on installing spyware on users’ computers. After some time, Lenovo released the removal tool.

During the time from October 2014 and April 2015 Lenovo used “Lenovo Service Engine” (LSE) feature to pre-install different kind of software on their laptops. Fortunately, most of the computer are clean from this “feature”.

The LSE on computers installs software called OneKey Optimizer (OKO), this program is bundled with many Lenovo laptops. OKO software is categorized as a badware, although some of the functions of this program are useful – it help users to update drivers and other routine system maintenance. But the dangerous part, is that both LSE and OKO are insecure software, which make it very easy to break into the system of such laptop.

Security issues, including buffer overflows and insecure network connections, were reported to Lenovo and Microsoft by researcher Roel Schouwenberg in April 2015. In response, Lenovo has stopped including LSE on new systems (the company says that systems built since June should be clean). It has provided firmware updates for affected laptops and issued instructions on how to disable the option on desktops and clean up the LSE files.