CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
November 19th, 2008

Software Package Supplied By Lenovo Contained Malware

Computer maker Lenovo is shipping a malware-infected software package to Windows XP users, according to warning from anti-virus researchers at Microsoft. It was found in Lenovo Trust Key software for Windows XP, a digitally signed driver package available to Windows XP SP2 users.

The malicious file was identified by Microsoft as Win32/Meredrop, a Trojan dropper that is used to install and execute multiple malicious executables on an infected computer. Other anti-virus vendors are detecting the threat as a virus or a porn dialer.

The infected software is used to install the Lenovo Security Logon and the Lenovo Private folder applications for use with the Lenovo Trust Key (also known as Lenovo Insider Key).

Lenovo has already removed the compromised download from its Web site.

Share this item with others:

More on CyberInsecure:
  • Lenovo Support Website Loads Malicious IFrame, Infects Visitors With Trojan
  • XSS Flaw Fixed In Latest WordPress 2.6.5
  • IBM Hands Out Malware-infected USB At AusCERT Security Conference
  • Botnet Kit And Service Offered To Non-Techies
  • Energizer Duo Software Included Backdoor Trojan

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Software Package Supplied By Lenovo Contained Malware

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
    Click to hear an audio file of the anti-spam word