Lenovo Support & downloads - Update available for vulnerability in version 4.20 of Lenovo Rescue and Recovery

Country / region (Select) English (Change)

Home

Products

Support & downloads

My account

About Lenovo

Downloads and drivers

Support & downloads
Troubleshooting
Hints and tips
Parts information
User's guides and manuals
Product information
Operating system installation
Important information
Submit a request
Warranty
Site help
Site feedback
Search PC support
Support phone list

Related links
	Accessories and upgrades
	Business Partner support
	Training
	Find a service provider

Update available for vulnerability in version 4.20 of Lenovo Rescue and Recovery

Applicable countries and regions

Summary

This Security Bulletin addresses a vulnerability in Rescue and Recovery version 4.20. This vulnerability could allow an attacker to run code with elevated privileges on the affected system. This vulnerability has been assigned a serious severity rating. It is recommended that users update to the most current version of Lenovo Rescue and Recovery available.

Affected configurations

Systems with the following versions of Rescue and Recovery installed:

Lenovo Rescue and Recovery 4.20.0512 Vista
Lenovo Rescue and Recovery 4.20.0511 XP and 2000

Solution

Lenovo Rescue and Recovery on Windows

Lenovo strongly recommends upgrading to Lenovo Rescue and Recovery 4.21, available from the following site:
http://www.lenovo.com/support/site.wss/MIGR-4Q2QAK.html

Additional information

Acknowledgment

Lenovo would like to thank ISec Partners for reporting the vulnerability described in CVE-2006-5857 and for working with us to help protect our customers' security.
Copyright © 2008 Lenovo. All rights reserved.