Lenovo has been caught, yet again, installing apps on its laptops and workstations without the user’s consent or knowledge, as Michael Horowitz from Computerworld reports.
This is not the first time Lenovo has done this, as earlier this year, in February, security experts found that the company installed the Superfish Visual Discovery software on PCs, an adware program that inserted ads in Web search results.
The software was not only hidden to users but also came with glaring security holes that could have been exploited by attackers.
This didn’t stop here though, the company being caught again in August, when it covertly added a piece of code to its laptops’ firmware, which allowed it to push software to the user’s operating system. As with the first, this one was laced with security holes as well.
Lenovo’s ThinkPad, ThinkCentre and ThinkStation series are affected
Now, apparently, the company is back to its shady ways, Mr. Horowitz discovering that laptops and workstations from Lenovo’s ThinkPad, ThinkCentre and ThinkStation series come equipped with another software program that can easily be categorized as spyware.
The program is called Lenovo Customer Feedback Program 64, and it runs daily, connecting to Lenovo’s servers and uploading “non-personal and non-identifying information about Lenovo software application usage.”
Mr. Horowitz does say that all of this is mentioned in the company’s EULA, but he “can’t recall ever being asked about a Customer Feedback program,” while ever setting up Lenovo machines.
After the two previous cases, even if, legally, Lenovo mentioned this small program in its EULA, this does not excuse Lenovo.
Even if Microsoft has been doing the same thing, collecting data on its users, Lenovo will surely lose whatever is left of its reputation and user trust.
Mr. Horowitz recommends using TaskSchedulerView to search your Lenovo PCs and stop the Lenovo Customer Feedback Program 64 daily task from running. Additionally, he also urges users to rename the “C:\Program Files (x86)\Lenovo” just in case.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.