lenovo笔记本bios_最新的IE补丁导致Windows在某些Lenovo笔记本电脑上启动时失败
lenovo笔记本bios
Microsoft has seen its share of issues as of late, and now a seemingly simple patch is causing serious issues to certain laptops running the 2016 Anniversary Update. The update was originally released to prevent a zero-day attack on IE.
微软最近已经看到了很多问题,现在看似简单的补丁正在对某些运行2016周年更新的笔记本电脑造成严重问题。 该更新最初是为了防止IE遭受零日攻击而发布的。
Per Microsoft, this was the issue being fixed:
对于Microsoft来说,这是已解决的问题:
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
脚本引擎处理Internet Explorer中内存中的对象的方式中存在一个远程执行代码漏洞。 该漏洞可能以一种攻击者可以在当前用户的上下文中执行任意代码的方式来破坏内存。 成功利用此漏洞的攻击者可以获得与当前用户相同的用户权限。 如果当前用户使用管理用户权限登录,则成功利用此漏洞的攻击者可以控制受影响的系统。 然后,攻击者可以安装程序。 查看,更改或删除数据; 或创建具有完全用户权限的新帐户。
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website, for example, by sending an email.
在基于Web的攻击情形中,攻击者可能拥有一个旨在通过Internet Explorer利用此漏洞的特制网站,然后诱使用户查看该网站(例如,通过发送电子邮件)。
The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.
该安全更新通过修改脚本引擎处理内存中对象的方式来解决漏洞。
But now that fix is causing a pretty big problem of its own: it’s preventing certain laptops from booting. The affected machines are part of a pretty small bunch—only Lenovo laptops with less than 8 GB of RAM running the 2016 Anniversary Update (1607)—but it’s still a pretty bad problem to have.
但是现在,此修复程序本身引起了一个很大的问题:它阻止了某些笔记本电脑的启动。 受影响的计算机只是一小部分的一部分-只有运行2016年周年更新(1607)的具有少于8 GB RAM的Lenovo笔记本电脑-但这仍然是一个非常糟糕的问题。
Fortunately, there’s a way to bypass the failed boot by restarting into the UEFI and disabling Secure Boot. It’s also noted that if BitLocker is enabled that you may have to go through BitLocker recovery after disabling Secure Boot.
幸运的是,有一种方法可以通过重新启动到UEFI并禁用安全启动来绕过失败的启动。 还需要注意的是,如果启用了BitLocker,则可能在禁用安全启动后必须进行BitLocker恢复。
On the upside, Microsoft is working with Lenovo to correct the issue and will release a fix sometime in the future. I just wouldn’t count on it before the end of the year. Until then, be careful when updating devices, especially if they happen to be Lenovo laptops with limited RAM.
从好的方面来说,微软正在与联想合作以纠正该问题,并将在将来的某个时间发布修复程序。 我只是不会在年底之前指望它。 在此之前,更新设备时要格外小心,尤其是当它们碰巧是内存有限的联想笔记本电脑时。
via MSPowerUser
lenovo笔记本bios