Published: Tue, January 30, 2018
Sci-tech | By Brandy Patterson

Lenovo's fingerprint manager leaves your password vulnerable

Lenovo's fingerprint manager leaves your password vulnerable

Select models of Lenovo's ThinkPad, ThinkCentre and ThinkStation systems are affected by this vulnerability.

Apparently, the software has a weak encryption that makes it easier for anyone to bypass the fingerprint scanner and gain access to the system.

More news: Arsene Wenger Hints Mesut Ozil Is 'Ready to Commit'

A total of 39 models of ThinkPad laptops and ThinkCentre and ThinkStation computers shipped with Fingerprint Manager Pro included.

The software stores sensitive information such as user's biometric data and Windows login credentials.

More news: Parents lose battle to keep son Isaiah Haastrup alive

Rated high severity, Lenovo said that users need to install version 8.01.87 to fix these critical security issues. Lenovo has acknowledged the flaw and released an update to its Fingerprint Manager Pro as a part of its mitigation strategy.

Those with the following systems should download the patch, especially if they use Fingerprint Manager Pro, as soon as possible if they are not running Windows 10.

More news: Hard Facts About Banco Bradesco SA (NYSE:BBD)

Users running Windows 10 can rest assured as the vulnerability doesn't pose any threats to their machines, Lenovo updated the advisory yesterday. The reason these devices aren't affected is due to the fact that they use Windows Hello which is Microsoft's home-baked fingerprint recognition software. More details about this security vulnerability are available over here at Lenovo. However, the vulnerability can only be exploited by a person with physical access to the machine and cannot be done remotely or online, the company noted.

Like this: