Lenovo is advising users of its Windows 10 laptops and desktops to uninstall the Accelerator Application software, which comes pre-loaded on its devices.

The company revealed in an advisory note that the auto update feature for the software is vulnerable to hacking as it can potentially be exploited by a "man-in-the-middle" (MitM) attack. Several desktop PCs and laptops from the company are susceptible to this attack — the Yoga lineup included — which basically renders the device open to hacking or clandestine malware installation.

Therefore, it has recommended that users uninstall the Accelerator Application.

"The vulnerability resides within the update mechanism where a Lenovo server is queried to identify if application updates are available. Lenovo recommends customers uninstall Lenovo Accelerator Application," notes the company.

The advisory note from the company was published on May 31, the same day when researchers from Duo Security shared a detailed report where they tested the security of several driver updaters, which come pre-loaded on the devices of the top five laptop OEMs.

The researchers tested out laptops from HP, Lenovo, Asus, Acer and Dell and discovered that all of these were vulnerable to remote code execution (RCE) and MitM attacks. The team tested Lenovo's Update Agent, and the Lenovo Solution Center and also chanced across the Accelerator Application's bug.

Researcher Mikhail Davidov contacted Lenovo to relay the discovery of the app making users of its device vulnerable to MitM attacks.

Lenovo took action and, instead of fixing the bug with an update, chose to remove the Accelerator Application completely. The company now asks users to completely uninstall it.

To uninstall the app, users need to head to Apps and Features in Windows 10. Select the Lenovo Accelerator Application and click Uninstall.

The Lenovo devices which are affected are listed below.

Lenovo Notebook Systems:

305

700

300S

500/500S

B40-30/B40-45/B40-45/B40-80

B41-30/B41-35/B41-80

B50-30/B50-30 Touch/B50-45/B50-80/B51-30/B51-35/B51-80

E31-70/E31-80/E40-30/E40-80/E41-80/E50-30/E50-80/E51-80

Edge 15

Edge 2-1580

Erazer N40-30/Erazer N40-45

Erazer N50-45/Erazer N50-45

Erazer Z41-70

Erazer Z51-70

FLEX 2 Pro

FLEX 3

FLEX 4

K20-80

K21-80

K41-70/K41-80

M41-70

M51-80

MIIX 3

MIIX 700

N41-35

N51-35

S21e-20

S41-35/S41-70/S41-75

TianYi 300

U31-70

U41-70

V4000

XiaoXin 700

Y50-70/Y50-70 Touch

Y50c

Y700/Y700 Touch

Y70-70 Touch

Y900

Yoga 2

YOGA 3 14

Yoga 3 Pro

Yoga 300

YOGA 500/YOGA 510

YOGA 700/YOGA 710/YOGA 900/YOGA 900S

Z41-70

Z51-70

Lenovo Desktop Systems:

50050C/50100E/50550A/50600I

A3300

A7300

A8150

B40

C20

C40

C50

C560

D3000

D5010/ D5050/ D5055

F5005/ F5050/ F5055

G5005/ G5010/ G5050/ G5055

H3005

H30-50

H5005/ H5055

H50-50

IdeaCentre 200

IdeaCentre 300/300S

IdeaCentre 510/510S

IdeaCentre 700

M7300z

M8300z/M8350z

M9550z

Yoga Home 500

ⓒ 2021 TECHTIMES.com All rights reserved. Do not reproduce without permission.