Lenovo Service Engine further tarnishes company's reputation

By Shawn Knight ยท 7 replies
Aug 13, 2015
Post New Reply
  1. Lenovo has found itself at the center of a bloatware-related security controversy once again after a number of users discovered the company was using a little-known feature in Windows 8 and Windows 10 that allows OEMs to embed a Windows executable in their system firmware.

    As Ars Technica correctly explains, the feature grants OEMs like Lenovo the ability to load software onto a Windows machine even when a system is wiped clean and a fresh OS installation is performed. Between October 2014 and April of this year, Lenovo allegedly used the technique to install a feature on certain desktops and notebooks it calls Lenovo Service Engine.

    Curiously enough, the description of what Lenovo Service Engine does differs on desktops and notebooks.

    On desktops, Lenovo claims the software only sends basic information about the system to a Lenovo server and that it only happens once when the system first obtains an Internet connection. On notebooks, Lenovo Service Engine installs OneKey Optimizer which is a firmware, driver and app updater for Lenovo systems.

    The issue isn’t so much that Lenovo is silently running executables and installing software even on fresh installs of Windows (ok, so maybe it is) but that the Lenovo Service Engine and OneKey Optimizer leave a system open to attack. An Ars Technica forum member found that on Windows 7 systems, Lenovo Service Engine appears to overwrite a Windows system file then creates system services that grab files over unencrypted HTTP.

    Lenovo has since stopped including Lenovo Service Engine on new systems and has provided an update to disable it on notebooks and instructions on how to do the same on desktops.

    Permalink to story.

  2. MoeJoe

    MoeJoe TS Guru Posts: 712   +382

    Lenovo's can't even smoothly update to Windows 10.
    Their system foundational drivers are borked.

    And they aren't even offering new machines pre-loaded with 10
    in the retail space. Seriously?

    Lenovo = Big Joke
  3. Skidmarksdeluxe

    Skidmarksdeluxe TS Evangelist Posts: 8,647   +3,274

    I wonder why Lenovo thinks they can get away with installing crap on their machines that nobody will notice? A lot of users are far more tech savvy than their propeller head engineers, not to mention their management who no doubt know about these cheap tricks.
  4. Kevin82485

    Kevin82485 TS Booster Posts: 168   +45

    When I get the chance I'm disabling this on my mother's Lenovo laptop.
  5. j05hh

    j05hh TS Booster Posts: 156   +34

    I have the Yoga 3 Pro which updated to windows 10 without issues.

    Just configured a new Yoga 3 pro from Lenovo , at first boot out of the box you get prompt with windows upgrade option. Agreed its not shipped with windows 10 and does take around 45minutes to upgrade. Install updates, obtain download etc.
  6. MoeJoe

    MoeJoe TS Guru Posts: 712   +382

    Run the Lenovo system management tools in the Windows 10 environment.
    Look for the Foundational Driver messages.
  7. j05hh

    j05hh TS Booster Posts: 156   +34

    Latest Bios release removes this
  8. Paul Deemer

    Paul Deemer TS Rookie

    Lenovo could be a fantastic company if they just stop putting malware on their machines. If they got to charge a little more for their products then do so. But people hate bloatware, spyware and malware. Best way to beat your competition in this day and age is Quality Products without a bunch of crap loaded on systems that nobody wants. If Lenovo doesn't stop doing this their image is going to take a serious hit and people will just take their business to a competitor who offers clean builds even if it cost more.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...