Lenovo has issued a security notice telling its customers to immediately uninstall its Lenovo Accelerator Application. The software comes pre-installed with all Windows 10 Lenovo machines, and has been found to allow man-in-the-middle attacks that could leave users vulnerable to cyberattacks.
The Accelerator is designed to speed up the launching of specific applications for Lenovo devices and is available in a wide range of Lenovo laptops and desktops. These kinds of pre-installed applications are often considered bloatware as they do little more than take up system resources and storage space.
Unfortunately, the update system where the Accelerator checks for updates “could lead to exploitation by an attacker with man-in-the-middle capabilities.”
Those who own a Lenovo computer that shipped with Windows 10 should take precautions to uninstall the software or risk being the target of a cyberattack. It should be noted that this only applies to computers which shipped with Windows 10, and those with older operating systems do not suffer from this vulnerability.
This is not the first time that Lenovo has encountered problems with bloatware. The company found itself in hot water last year with the Superfish debacle, where it was found to be injecting its own ads into user’s internet connections. Like the Accelerator vulnerability, this left users open to man-in-the-middle attacks.