Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Vulnerability Management, Patch/Configuration Management, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Lenovo patches problems found in SHAREit app

Share

Lenovo issued patches to fix four issues found on some ThinkPad and IdeaPad devices using the SHAREit app, including allowing remote system access and unauthorized access of transferred files.

The issues with SHAREit, which were identified by Core Security, include having a static password on the computers that cannot be changed by the user and would allow anyone accessing this password to join a protected, ad hoc hot Wi-Fi hotspot created by the app. Core Security found a similar problem with the Android version of SHAREit where no password was needed to join the hotspot.

Other vulnerabilities allowed traffic between SHAREit users to be intercepted and altered, an attacker within Wi-Fi range could connect into the LAN to view files and the final flaw could cause a denial of service attack crashing SHAREit.

SHAREit version 3.2.0 and above for Windows, and Android version 3.5.38 and above fix the problems.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.