UEFI EDK2 Capsule 更新漏洞

Lenovo 安全公告：LEN-2014-001

潜在影响：执行任意代码

重要性：中

摘要：

EDK2 UEFI 参考实现包含 Capsule 更新机制中的多个漏洞。

描述：

开源 EDK2 项目提供了 Unified Extensible Firmware Interface（UEFI）的参考实现。已发现 EDK2 Capsule 更新机制中存在多个漏洞。

Capsule 处理阶段的缓冲区溢出 - CVE-2014-4859

在 UEFI 引导过程的驱动器执行环境（DXE）阶段，会在处理过程中对 Capsule 图形进行解析。Capsule 处理阶段存在整数溢出漏洞，可能造成分配的缓冲区过小。因此，攻击者所控制的数据可能会写入缓冲区边界以外。

合并阶段的写入内容和写入位置条件 - CVE-2014-4860

在 UEFI 引导过程的预 EFI 初始化（PEI）阶段，Capsule 更新会合并成其原始形式。合并阶段存在多个整数溢出漏洞，可用于触发写入内容和写入位置条件。

解决方案:

受影响的产品：

ThinkPad

系统	状态	最低 BIOS 版本，包括修复程序	发布网址
ThinkPad Edge E130	受到影响	H4ET93WW （2.53）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-edge-laptops/thinkpad-edge-e130/downloads/DS029430
ThinkPad Edge E145	受到影响	HSET58WW （2.03）	http://support.lenovo.com/my/ms/products/laptops-and-netbooks/thinkpad-edge-laptops/thinkpad-edge-e145/downloads/DS036720
ThinkPad Edge E431/E531	受到影响	HEET47WW （1.28）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-edge-laptops/thinkpad-edge-e431/downloads/DS035124
ThinkPad Edge E440/E540	受到影响	J9ET93WW （2.13）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-edge-laptops/thinkpad-edge-e440/downloads/DS037207
ThinkPad Edge E455/E555	受到影响	HTET35WW （1.07）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-edge-laptops/thinkpad-e455/downloads/DS100990
ThinkPad Edge S430	受到影响	GAET98WW （2.58）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-edge-laptops/thinkpad-edge-s430/downloads/DS029726
ThinkPad Helix	受到影响	GFET50WW （1.29）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-helix-series-laptops/thinkpad-helix-type-3xxx/downloads/DS034627
ThinkPad L430/L530	受到影响	G3ETA2WW （2.62）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-l-series-laptops/thinkpad-l530/downloads/DS029124
ThinkPad L440/L540	受到影响	J4ET69WW （1.69）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-l-series-laptops/thinkpad-l440/downloads/DS037206
ThinkPad S1 Yoga（非 vPro）	受到影响	GQET38WW （1.18）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-yoga-series-laptops/thinkpad-yoga/downloads/DS038334
ThinkPad S1 Yoga（vPro）	受到影响	B0ET22WW （1.09）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-yoga-series-laptops/thinkpad-yoga/downloads/DS038334
ThinkPad S431	受到影响	HFET34WW （1.11）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-s-series-laptops/thinkpad-s431/downloads/DS035164
ThinkPad S440	受到影响	J3ET60WW （1.60）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-s-series-laptops/thinkpad-s440/downloads/DS036070
ThinkPad S531	受到影响	GKET33WW （1.13）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-s-series-laptops/thinkpad-s531/downloads/DS035584
ThinkPad S540	受到影响	GPET59WW （1.59）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-s-series-laptops/thinkpad-s540/downloads/DS038373
ThinkPad T430	受到影响	G1ETA6WW （2.66）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-t-series-laptops/thinkpad-t430/downloads/DS029252
ThinkPad T430s	受到影响	G7ETA1WW （2.61）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-t-series-laptops/thinkpad-t430s/downloads/DS029724
ThinkPad T430u	受到影响	H6ET92WW （2.10）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-t-series-laptops/thinkpad-t430u/downloads/DS031724
ThinkPad T431s	受到影响	GHET29WW （1.14）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-t-series-laptops/thinkpad-t431s/downloads/DS034505
ThinkPad T440/T440s	受到影响	GJET79WW （2.29）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-t-series-laptops/thinkpad-t440s/downloads/DS035965
ThinkPad T440p	受到影响	GLET72WW （2.26）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-t-series-laptops/thinkpad-t440p/downloads/DS037575
ThinkPad T530	受到影响	G4ETA2WW （2.62）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-t-series-laptops/thinkpad-t530/downloads/DS029246
ThinkPad T540p	受到影响	GMET67WW （2.15）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-t-series-laptops/thinkpad-t540p/downloads/DS038147
ThinkPad Tablet 10（32 位）	受到影响	GUET65WW （1.65）	http://support.lenovo.com/us/en/products/tablets/thinkpad-tablet-series/thinkpad-10/downloads/DS041534
ThinkPad Tablet 10（64 位）	受到影响	GWET24WW （1.24）	http://support.lenovo.com/us/en/products/tablets/thinkpad-tablet-series/thinkpad-10/downloads/DS041804
ThinkPad Tablet 2	受到影响	GEETC6WW （2.16）	http://support.lenovo.com/us/en/products/tablets/thinkpad-tablet-series/thinkpad-tablet-2/downloads/DS033365
ThinkPad Tablet 8（32 位）	受到影响	GTET67WW （1.67）	http://support.lenovo.com/us/en/products/tablets/thinkpad-tablet-series/thinkpad-8/downloads/DS040045
ThinkPad Tablet 8（64 位）	受到影响	GYET24WW （1.24）	http://support.lenovo.com/us/en/products/tablets/thinkpad-tablet-series/thinkpad-8/downloads/DS100744
ThinkPad Twist/Edge S230	受到影响	GDETA8WW （1.68）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-twist-series-laptops/thinkpad-twist-s230u/downloads/DS032000
ThinkPad W530	受到影响	G5ETA0WW （2.60）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-w-series-laptops/thinkpad-w530/downloads/DS029169
ThinkPad W540	受到影响	GNET67WW （2.15）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-w-series-laptops/thinkpad-w540/downloads/DS039077
ThinkPad X1 Carbon（20A7、20A8）	受到影响	GRET40WW （1.17）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-x-series-laptops/thinkpad-x1-carbon-type-20a7-20a8/downloads/DS039782
ThinkPad X1 Carbon（34xx）	受到影响	G6ETA9WW （2.69）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-x-series-laptops/thinkpad-x1-carbon-type-34xx/downloads/DS030684
ThinkPad X131e（AMD）	受到影响	G9ET98WW （2.58）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-x-series-laptops/thinkpad-x131e/downloads/DS029771
ThinkPad X131e（Intel）	受到影响	G8ET99WW （2.59）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-x-series-laptops/thinkpad-x131e/downloads/DS029771
ThinkPad X140e（AMD）	受到影响	GSET61WW （2.06）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-x-series-laptops/thinkpad-x140e/downloads/DS038561
ThinkPad X230	受到影响	G2ETA2WW （2.62）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-x-series-laptops/thinkpad-x230/downloads/DS029187
ThinkPad X230s	受到影响	GGET22WW （1.10）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-x-series-laptops/thinkpad-x230s/downloads/DS034847
ThinkPad X230t	受到影响	GCETA0WW （2.60）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-x-series-tablet-laptops/thinkpad-x230-tablet/downloads/DS029683
ThinkPad X240/X240s	受到影响	GIET76WW （2.26）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-x-series-laptops/thinkpad-x240/downloads/DS035950
ThinkPad Yoga 11e	未受影响

ThinkCentre

System	状态	最低 BIOS 版本，包括修复程序	发布网址
ThinkCentre E73Z	受到影响	FGKT32A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-m-series-desktops/thinkcentre-m73z/downloads/DS038323
ThinkCentre E93	受到影响	FBKT89A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-m-series-desktops/thinkcentre-m93/downloads/DS035753
ThinkCentre E93Z	受到影响	FFKT32A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-e-series-desktops/thinkcentre-e93z/downloads/DS036668
ThinkCentre Edge 62z	受到影响	F8KT36A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-edge-desktops/thinkcentre-edge-62z/downloads/DS031473
ThinkCentre Edge 72	受到影响	F1KT67A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-edge-desktops/thinkcentre-edge-72/downloads/DS029433
ThinkCentre Edge 72z	受到影响	F6KT38A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-edge-desktops/thinkcentre-edge-72z/downloads/DS029266
ThinkCentre Edge 92z	受到影响	9XKT31A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-edge-desktops/thinkcentre-edge-92z/downloads/DS030110
ThinkCentre M62Z	受到影响	F0KT41A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-m-series-desktops/thinkcentre-m62z/downloads/DS030249
ThinkCentre M72e	受到影响	F1KT67A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-m-series-desktops/thinkcentre-m72e/downloads/DS029433
ThinkCentre M72e	受到影响	F4KT48A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-m-series-desktops/thinkcentre-m72e/downloads/DS029184
ThinkCentre M72e	受到影响	F9KT54A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-m-series-desktops/thinkcentre-m72e/downloads/DS031119b
ThinkCentre M72z	受到影响	F6KT38A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-m-series-desktops/thinkcentre-m72z/downloads/DS029266
ThinkCentre M73	受到影响	FCKT54A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-m-series-desktops/thinkcentre-m73/downloads/DS038324
ThinkCentre M73 Tiny	受到影响	FHKT48A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-m-series-desktops/thinkcentre-m73/downloads/DS038325
ThinkCentre M73Z	受到影响	FGKT32A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-m-series-desktops/thinkcentre-m73z/downloads/DS038323
ThinkCentre M78（类型 1562、1565、1662、1663、1766、2111、2113、2114、4860、4863、4865、4866、5100）	受到影响	9ZKT48A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-m-series-desktops/thinkcentre-m78?c=1
ThinkCentre M78（类型 10BN、10BQ、10BR、10BS、10BT、10BU）	受到影响	FNKT27A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-m-series-desktops/thinkcentre-m78/downloads/DS038364
ThinkCentre M83Z	受到影响	FGKT32A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-m-series-desktops/thinkcentre-m73z/downloads/DS038323
ThinkCentre M90	受到影响	5JKT65A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-m-series-desktops/thinkcentre-m90/downloads/DS014923
ThinkCentre M90p	受到影响	5JKT65A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-m-series-desktops/thinkcentre-m90/downloads/DS014923
ThinkCentre M91	受到影响	9HKT58A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-m-series-desktops/thinkcentre-m91/downloads/DS018245
ThinkCentre M91P	受到影响	9HKT58A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-m-series-desktops/thinkcentre-m91/downloads/DS018245
ThinkCentre M92	受到影响	9SKT83A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-m-series-desktops/thinkcentre-m92/downloads/DS029265
ThinkCentre M92P	受到影响	9SKT83A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-m-series-desktops/thinkcentre-m92/downloads/DS029265
ThinkCentre M92Z	受到影响	9NKT63A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-m-series-desktops/thinkcentre-m92z/downloads/DS029443
ThinkCentre M93	受到影响	FBKT89A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-m-series-desktops/thinkcentre-m93/downloads/DS035753
ThinkCentre M93P	受到影响	FBKT89A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-m-series-desktops/thinkcentre-m93/downloads/DS035753
ThinkCentre M93Z	受到影响	FEKT83A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-m-series-desktops/thinkcentre-m93z/downloads/DS036004

ThinkStation

系统	状态	最低 BIOS 版本，包括修复程序	发布网址
ThinkStation C30 （类型 1095、1096、1097）	受到影响	A1KT50A	http://support.lenovo.com/us/en/products/workstations/thinkstation-c-series-workstations/thinkstation-c30/downloads/DS028464
ThinkStation C30 （类型 1136、1137）	受到影响	A3KT45A	http://support.lenovo.com/us/en/products/workstations/thinkstation-c-series-workstations/thinkstation-c30/downloads/DS035725
ThinkStation D30 （类型 4223、4228、4229）	受到影响	A1KT50A	http://support.lenovo.com/us/en/products/workstations/thinkstation-d-series-workstations/thinkstation-d30/downloads/DS028464
ThinkStation D30 （类型 4353、4354）	受到影响	A3KT45A	http://support.lenovo.com/us/en/products/workstations/thinkstation-d-series-workstations/thinkstation-d30/downloads/DS035725
ThinkStation E30	受到影响	9HKT58A	http://support.lenovo.com/us/en/products/workstations/thinkstation-e-series-workstations/thinkstation-e30/downloads/DS018245
ThinkStation E31	受到影响	9SKT83A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/thinkcentre-m-series-desktops/thinkcentre-m92/downloads/DS029265
ThinkStation E32	受到影响	FBKT89A	http://support.lenovo.com/us/en/products/workstations/thinkstation-e-series-workstations/thinkstation-e32/downloads/DS035753
ThinkStation P300	受到影响	FBKT89A	http://support.lenovo.com/us/en/products/workstations/thinkstation-e-series-workstations/thinkstation-e32/downloads/DS035753
ThinkStation S30	受到影响	A0KT50A	http://support.lenovo.com/us/en/products/workstations/thinkstation-s-series-workstations/thinkstation-s30/downloads/DS028141
ThinkStation S30	受到影响	A2KT45A	http://support.lenovo.com/us/en/products/workstations/thinkstation-s-series-workstations/thinkstation-s30/downloads/DS035724

ThinkServer & Storage

系统	状态	最低 BIOS 版本，包括修复程序	发布网址
ThinkServer RD330	未受影响
ThinkServer RD340	未受影响
ThinkServer RD430	未受影响
ThinkServer RD440	未受影响
ThinkServer RD530	未受影响
ThinkServer RD540	未受影响
ThinkServer RD550	受到影响	1.10	http://support.lenovo.com/us/en/products/servers/thinkserver-rack-servers/thinkserver-rd550
ThinkServer RD630	未受影响
ThinkServer RD640	未受影响
ThinkServer RD650	受到影响	1.10	http://support.lenovo.com/us/en/products/servers/thinkserver-rack-servers/thinkserver-rd650
ThinkServer RS140	受到影响	82c	http://support.lenovo.com/us/en/products/servers/thinkserver-rack-servers/thinkserver-rs140/downloads/DS041638
ThinkServer TD340	未受影响
ThinkServer TD350	受到影响	1.10	http://support.lenovo.com/us/en/products/servers/thinkserver-tower-servers/thinkserver-td350
ThinkServer TS130	未受影响
ThinkServer TS140	受到影响	92A	http://support.lenovo.com/us/en/products/servers/thinkserver-tower-servers/thinkserver-ts140/downloads/DS036974
ThinkServer TS430	未受影响
ThinkServer TS440	受到影响	92A	http://support.lenovo.com/us/en/products/servers/thinkserver-tower-servers/thinkserver-ts140/downloads/DS036974

Lenovo 笔记本电脑

系统	状态	最低版本，包括修复程序	发布网址
B40-30/B50-30/E40-30	受到影响	9CCN29WW （v2.07）	http://support.lenovo.com/us/en/downloads/ds101220
B40-45/B50-45	受到影响	A1CN23WW （v1.11）	http://support.lenovo.com/us/en/downloads/ds101226
B40-70/B50-70/E40-70/E50-70	受到影响	9DCN28WW （V2.08）	http://support.lenovo.com/us/en/downloads/ds101224
B4400	未受影响	−	−
B490	受到影响	H9ET75WW	http://support.lenovo.com/us/en/downloads/DS032260
B5400	受到影响	J7HT55WW （v2.06）	http://support.lenovo.com/us/en/downloads/ds036987
E10-30	受到影响	A5CN36WW（V3.7）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/lenovo-e-series-laptops/lenovo-e10-30/downloads/DS100550
E4430	未受影响	−	−
Flex 10	受到影响	93CN57WW（V9.7）	win8: http://support.lenovo.com/us/en/products/laptops-and-netbooks/flex-series/flex-10-notebook-lenovo/downloads/DS101001 win8.1: http://support.lenovo.com/us/en/products/laptops-and-netbooks/flex-series/flex-10-notebook-lenovo/downloads/DS100999
Flex 2 14/Flex 2 15（Baytrail-M）	受到影响	A3CN32WW	http://support.lenovo.com/us/en/products/laptops-and-netbooks/flex-series/flex-2-14-notebook-lenovo/downloads/DS101207
Flex 2 14/Flex 2 15（Broadwell）	未受影响	−	−
Flex 2 14/Flex 2 15（Haswell）	受到影响	A0CN26WW	http://support.lenovo.com/us/en/products/laptops-and-netbooks/flex-series/flex-2-14-notebook-lenovo/downloads/DS101193
Flex 2 14D/Flex 2 15D	受到影响	9FCN22WW	http://support.lenovo.com/us/en/products/laptops-and-netbooks/flex-series/flex-2-14d-notebook-lenovo/downloads/DS101002
Flex 2 Pro-15（Broadwell）	未受影响	−	−
Flex 2 Pro-15（Haswell）	受到影响	B9CN16WW	http://support.lenovo.com/us/en/products/laptops-and-netbooks/flex-series/flex-2-pro-15-laptop-lenovo/downloads/DS101359
Flex 3 11	未受影响	−	−
Flex3 1470/1570 HSW/BDW	未受影响	−	−
G40-30/G50-30	受到影响	A7CN43WW	http://support.lenovo.com/us/en/products/laptops-and-netbooks/lenovo-g-series-laptops/g40-30-notebook-lenovo/downloads/DS100921
G40-45/G50-45	受到影响	A2CN26WW	http://support.lenovo.com/us/en/products/laptops-and-netbooks/lenovo-g-series-laptops/g50-45-notebook-lenovo/downloads/DS100823
G40-70/G50-70	受到影响	9ACN29WW	http://support.lenovo.com/us/en/products/laptops-and-netbooks/lenovo-g-series-laptops/g40-70-notebook-lenovo/downloads/DS100522
G40-75/G50-75	受到影响	−	请与您的服务供应商联系
G40-80/G50-80	受到影响	B0CN69WW	http://support.lenovo.com/us/en/products/laptops-and-netbooks/lenovo-g-series-laptops/g40-80/downloads/DS102231
G410/G510	受到影响	79CN50WW （V3.09）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/lenovo-g-series-laptops/lenovo-g410-notebook/downloads/DS040384
G410s/G510s	受到影响	−	请与您的服务供应商联系
G70-70	受到影响	B6CN13WW	http://support.lenovo.com/us/en/products/laptops-and-netbooks/lenovo-g-series-laptops/g70-70-laptop/downloads/DS101620
K20-80	未受影响	−	−
K2450	未受影响	−	−
K4450	未受影响	−	−
M50-70	受到影响	B3CN15WW	http://support.lenovo.com/us/en/downloads/ds101348
M50-80	未受影响	−	−
Miix 2 11	受到影响	97CN37WW	http://support.lenovo.com/us/en/products/tablets/miix-series/miix-2-11-tablet-lenovo/downloads/DS101276
Miix 2 8	受到影响	90CN24WW	http://support.lenovo.com/us/en/products/tablets/miix-series/miix-2-8-tablet-lenovo/downloads/DS101003
Miix 3-1030	未受影响	−	−
S20-30	受到影响	ACCN22WW（V2.0）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/lenovo-s-series-laptops/lenovo-s20-30-notebook/downloads/ds100552
S310/S410	受到影响	8BCN45WW （V3.08）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/ideapad-s-series-netbooks/ideapad-s310-notebook/downloads/ds101228
S41-70 HSW/BDW	未受影响	−	−
S435/M40-35（YC）Beema	未受影响	−	−
Y40-70	受到影响	99CN28WW （V1.11）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/lenovo-y-series-laptops/y40-70-notebook-lenovo/downloads/DS100938
Y410/510	受到影响	−	请与您的服务供应商联系
Y410P/510P（IdeaPad）	受到影响	74CN44WW	http://support.lenovo.com/us/en/products/laptops-and-netbooks/ideapad-y-series-laptops/ideapad-y410p-notebook/downloads/DS100556
Y430P（IdeaPad）	受到影响	−	请与您的服务供应商联系
Y50-70/Y70-70	受到影响	9ECN37WW（V2.01）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/lenovo-y-series-laptops/y50-70-touch-notebook-lenovo/downloads/DS100998
Yoga 2 11（Baytrail-M）	受到影响	92CN33WW	http://support.lenovo.com/gb/en/products/laptops-and-netbooks/yoga-series/yoga-2-11-notebook-lenovo/downloads/DS100551
Yoga 2 11（Haswell）	受到影响	AACN19WW	http://support.lenovo.com/gb/en/products/laptops-and-netbooks/yoga-series/yoga-2-11-notebook-lenovo/downloads/DS101717
Yoga 2 13	受到影响	96CN29WW （V1.15）	http://support.lenovo.com/us/en/products/laptops-and-netbooks/yoga-series/yoga-2-13-notebook-lenovo/downloads/DS100939
Yoga 2 Pro	受到影响	76CN41WW	http://support.lenovo.com/us/en/products/laptops-and-netbooks/yoga-series/yoga-2-pro-lenovo/downloads/DS035004
Yoga 3 14	未受影响	−	−
Z40-70/Z50-70/Z70-70	受到影响	9BCN29WW	http://support.lenovo.com/us/en/products/laptops-and-netbooks/lenovo-z-series-laptops/lenovo-z40-70/downloads/DS100528
Z40-75/Z50-75	受到影响	A4CN33WW	http://support.lenovo.com/gb/en/products/laptops-and-netbooks/lenovo-z-series-laptops/lenovo-z40-75/downloads/DS100825

Lenovo 台式机

系统	状态	最低版本，包括修复程序	发布网址
63 台式机	受到影响	FCKT57A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-63-series-desktops/lenovo-63-desktop?TabName
A540 一体机（Broadwell）	受到影响	O14KT15AUS	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-a-series-all-in-ones/lenovo-a540-all-in-one/downloads/DS102570
A740 一体机 - BDW	受到影响	O14KT15AUS	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-a-series-all-in-ones/lenovo-a540-all-in-one/downloads/DS102570
B40-30 一体机	受到影响	O0CKT18A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-b-series-all-in-ones/lenovo-b40-30-all-in-one/downloads/DS101240
B40-30 触控式一体机	受到影响	O0CKT18A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-b-series-all-in-ones/lenovo-b40-30-all-in-one/downloads/DS101240
B50-30 一体机	受到影响	O0BKT19A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-b-series-all-in-ones/lenovo-b50-30-all-in-one/downloads/DS101243
B50-30 触控式一体机	受到影响	O0BKT19A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-b-series-all-in-ones/lenovo-b50-30-all-in-one/downloads/DS101243
B5035	受到影响	O0AKT18AUS	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-a-series-all-in-ones/lenovo-a540-all-in-one/downloads/DS101270
B50-35 一体机	受到影响	O0AKT18AUS	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-a-series-all-in-ones/lenovo-a540-all-in-one/downloads/DS101270
C20-05 一体机	受到影响	O0GKT30AUS	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-c-series-all-in-ones/lenovo-c560-all-in-one/downloads/DS101524
C20-30 一体机	受到影响	O0EKT30AUS	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-c-series-all-in-ones/lenovo-c560-all-in-one/downloads/DS101522
C260 一体机	受到影响	IXKT26AUS	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-c-series-all-in-ones/lenovo-c260-all-in-one/downloads/DS100767
C260 触控式一体机	受到影响	IXKT26AUS	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-c-series-all-in-ones/lenovo-c260-all-in-one/downloads/DS100767
C360 一体机	受到影响	IMKT19AUS	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/horizon-series/horizon-2e-table-pc/downloads/DS101336
C365 一体机	受到影响	O0MKT13A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-s-series-all-in-ones/lenovo-s40-40-all-in-one/downloads/DS101298
C40-05 一体机	受到影响	O0KKT14A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-c-series-all-in-ones/lenovo-c40-05-all-in-one
C40-30 一体机	受到影响	O0HKT17AUS	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/horizon-series/horizon-2e-table-pc/downloads/DS101525
C460 一体机	受到影响	IMKT19AUS	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/horizon-series/horizon-2e-table-pc/downloads/DS101336
C470 一体机	受到影响	O0DKT18AUS	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/horizon-series/horizon-2e-table-pc/downloads/DS101337
C50-30 一体机	受到影响	O0IKT17A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-c-series-all-in-ones/lenovo-c50-30-all-in-one/downloads/DS101470
C5030 非触控式一体机	受到影响	O0IKT17A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-c-series-all-in-ones/lenovo-c50-30-all-in-one/downloads/DS101470
C560 一体机	受到影响	INKT30AUS	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-c-series-all-in-ones/lenovo-c560-all-in-one/downloads/DS101700
E50-00 台式机	受到影响	O07KT52AUS	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/e-series-desktop/lenovo-e50-00-desktop/downloads/DS101341
ErazerX700 台式机	受到影响	IUKT07AUS	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-erazer-x-series-desktops/lenovo-erazer-x700-desktop
H30-00 台式机	受到影响	O07KT52AUS	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/e-series-desktop/lenovo-e50-00-desktop/downloads/DS101341
H30-05 台式机	受到影响	O06KT18A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-s-series-all-in-ones/lenovo-s40-40-all-in-one/downloads/DS101299
H30-50 台式机	受到影响	IEKT31A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-h-series-desktops/lenovo-h530-desktop/downloads/DS101277
H50-00 台式机	受到影响	O07KT52AUS	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/e-series-desktop/lenovo-e50-00-desktop/downloads/DS101341
H50-05 台式机	受到影响	O06KT18A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-s-series-all-in-ones/lenovo-s40-40-all-in-one/downloads/DS101299
H50-30g 台式机	受到影响	IEKT31A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-h-series-desktops/lenovo-h530-desktop/downloads/DS101277
H50-50 台式机	受到影响	IEKT31A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-h-series-desktops/lenovo-h530-desktop/downloads/DS101277
H530 台式机	受到影响	IEKT31A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-h-series-desktops/lenovo-h530-desktop/downloads/DS101277
H530s 台式机	受到影响	IEKT31A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-h-series-desktops/lenovo-h530-desktop/downloads/DS101277
Horizon 2 27 平板电脑	受到影响	O02KT21A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/horizon-series/horizon-2-27-table-pc-ideacentre/downloads/DS101244
Horizon2e 桌面计算机	受到影响	O08KT22A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/horizon-series/horizon-2e-table-pc/downloads/DS101046
Horizon2s 桌面计算机	受到影响	O0FKT16A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/horizon-series/horizon-2s-table-pc/downloads/DS101154
M4350 台式机	受到影响	F9KT53A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/m-series/lenovo-m4350-desktop
S40-40 一体机	受到影响	IZKT22A	http://support.lenovo.com/us/en/products/desktops-and-all-in-ones/lenovo-s-series-all-in-ones/lenovo-s40-40-all-in-one/downloads/DS101300

备注:

致谢：

Lenovo 谨此对报告此漏洞的 MITRE Corporation 的 Corey Kallenberg、Xeno Kovah、John Butterworth 和 Sam Cornwell 表示感谢。

其他信息和参考资料：

CERT Vulnerability Note：VU#552286

CVE ID：CVE-2014-4859；CVE-2014-4860

https://www.mitre.org/capabilities/cybersecurity/overview/cybersecurity-blog/bios-extreme-privilege-escalation

修订历史：

版本	日期	描述
1.7	2015-04-14	发布其他修复程序
1.6	2015-03-17	发布其他修复程序
1.5	2015-03-03	发布其他修复程序
1.4	2014-11-18	发布其他修复程序
1.3	2014-11-07	发布其他修复程序
1.2	2014-11-06	发布其他修复程序
1.1	2014-10-22	发布其他修复程序
1.0	2014-09-27	初始版本