Chinese PC manufacturer Lenovo advises customers to remove its 'Lenovo Accelerator' software because it contains a vulnerability that allows an attacker to install malware on the computer. The advice comes after Duo Security released a report earlier this week that revealed that several software-updaters of several PC manufacturers contain serious security issues.
It's e.g. possible for an attacker to offer malicious updates because software-updaters often don't validate them after downloading, or simply download over an unencrypted connection. By abusing this, a malicious update can be automatically installed on the computer.
The Lenovo Accelerator software is now also found to be unsafe and it's therefore recommended to remove it. The software comes preinstalled on 100s of Lenovo laptop and desktop models, its purpose is to increase the performance of other Lenovo applications.
