Lenovo in a statement to by clicking here recommends that users uninstall the Accelerator app, which is installed by default on laptops running Windows 10.
Lenovo published the 31 May Advisory on the same day that Duo Security Security researchers published a large-scale report in which they decided to test the security of various updaters of drivers pre-installed on systems of different companies.
Duo experts tested laptops from Acer, Asus, Dell, Hewlett- Packard (HP), and Lenovo, and discovered that they all used applications vulnerable to MitM (Man-in-the-middle) attacks.
For Lenovo, the researchers tested the Lenovo Solution Center and Lenovo Update Agent applications. For specific applications and for the above companies you can read the publication
Acer, Asus, Dell, HP and Lenovo bloatware research
But it seems as if the Lenovo application, Accelerator, is not so safe. It is an application that is used to speed up the launch of other Lenovo applications.
From the Lenovo advisory, it appears that during the Duo trials, investigator Mikhail Davidov discovered a vulnerability and reported it to the company.
According to Davidov's discovery, this application also exposes users to MITM attacks every time it "asks" Lenovo servers if there are any new updates.
So the company instead of trying to correct the application as it did with Lenovo Solution Center decided to withdraw it completely.
“Lenovo recommends that its customers uninstall Lenovo Accelerator from “Apps and Features” in Windows 10. By selecting the Lenovo Accelerator app do click in the" Uninstall".
Below is a list of computers of Lenovo that has Lenovo Accelerator installed on Windows 10.
