Microsoft warns: This Windows 10 workaround to cure Lenovo ThinkPad BSODs hits security

Microsoft has finally published a support document detailing its workaround for the August 2020 Patch Tuesday update for Windows 10 version 2004 that caused blue screens of death (BSODs) on newer Lenovo ThinkPads and broke Windows Hello biometric login.

Users began reporting problems after the cumulative August update KB566782 for Windows 10 version 2004, which affected Lenovo ThinkPads made in 2019 and 2020. However, Microsoft notes that the issue actually appeared in the July 31, 2020 KB4568831 (OS Build 19041.423) Preview.

Lenovo offered a workaround that involved disabling the Enhanced Windows Biometric Security setting in BIOS Setup, in the security and virtualization settings section.

The issue occurred when Lenovo’s Vantage app for updating drivers tried to use the Intel Management Engine to interface with firmware, which got blocked by the BIOS setting in the security update.

Microsoft has now published a detailed rundown of the bug, its symptoms, cause and workaround. It is the same as Lenovo’s earlier workaround but comes with a stern security warning from Microsoft. Microsoft also explains how Lenovo Vantage violates Microsoft’s security controls in Windows.

Users may bypass the BSOD screen, but they’re endangering their computers by implementing the workaround, according to Microsoft.

The workaround also affects some of Microsoft’s latest security features for Windows 10, such as Hypervisor Code Integrity for protecting the OS from malicious drivers, as well as Windows Defender Credential Guard.

“This workaround might make a computer or a network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this workaround but are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk,” Microsoft states.

Microsoft explains that devices with the July 31, 2020 KB4568831 (OS Build 19041.423) Preview or later updates “restrict how processes can access peripheral component interconnect (PCI) device configuration space if a Secure Devices (SDEV) ACPI table is present and Virtualization-based Security (VBS) is running”.

“Processes that have to access PCI device configuration space must use officially supported mechanisms,” it adds.

According to Microsoft, the new restrictions aim to prevent malicious processes from modifying the configuration space of secure devices, such as peripherals. Windows restricts device drivers from changing the configuration space of these devices to its own bus interfaces.

“If a process tries to access PCI configuration space in an unsupported manner (such as by parsing MCFG table and mapping configuration space to virtual memory), Windows denies access to the process and generates a Stop error,” Microsoft explains.

It adds: “When Lenovo Vantage software runs, some versions might try to access PCI device configuration space in an unsupported manner. This action causes a Stop error.”

The good news for affected ThinkPad users is that Microsoft and Lenovo are working together on a fix. However, Microsoft hasn’t said when that will be available.

The error codes affected users would see include: ‘SYSTEM_THREAD_EXCEPTION_NOT_HANDLED’ in the Stop error message screen, and ‘0xc0000005 Access Denied’ in memory dump files and other logs. The associated process is ldiagio.sys.
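
For administrators weighing the workaround, the following PowerShell sketch reports whether VBS, Hypervisor Code Integrity and Credential Guard are actually running, alongside the OS build and the ldiagio.sys driver named above. It is an added example, not code from Microsoft or Lenovo; the function name `Get-VbsProtectionState` is hypothetical, and it does not check for the SDEV ACPI table.

```powershell
# Added example (not from Microsoft or Lenovo). Run in an elevated session.
# Get-VbsProtectionState is a hypothetical helper name.
function Get-VbsProtectionState {
    # Win32_DeviceGuard is the CIM class Windows exposes for VBS status.
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                          -ClassName Win32_DeviceGuard -ErrorAction Stop

    # OS build and update revision, e.g. 19041 and 423.
    $cv    = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    $build = [int]$cv.CurrentBuild
    $ubr   = [int]$cv.UBR

    # Driver the article associates with the Stop error.
    $driver = Get-CimInstance -ClassName Win32_SystemDriver |
              Where-Object { $_.PathName -like '*ldiagio.sys' }

    # VirtualizationBasedSecurityStatus: 0, 1 or 2.
    $vbsText = @{
        0 = 'Not enabled'
        1 = 'Enabled, not running'
        2 = 'Enabled and running'
    }
    # SecurityServicesRunning: 1 = Credential Guard, 2 = HVCI.
    $running = @($dg.SecurityServicesRunning)

    [pscustomobject]@{
        OsBuild                = "$build.$ubr"
        # Version 2004 at or above the build the article cites (19041.423).
        AtOrAbove19041_423     = ($build -eq 19041 -and $ubr -ge 423)
        VbsStatus              = $vbsText[[int]$dg.VirtualizationBasedSecurityStatus]
        CredentialGuardRunning = ($running -contains 1)
        HvciRunning            = ($running -contains 2)
        LdiagioDriverPresent   = [bool]$driver
        LdiagioDriverState     = ($driver.State -join ',')
    }
}

Get-VbsProtectionState | Format-List
```

Comparing the output before and after changing the BIOS setting shows which of these protections stopped running on that machine.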
