fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Microsoft Explains Why Windows 10 is Crashing on Lenovo Laptops

Microsoft Explains Why Windows 10 is Crashing on Lenovo Laptops

Microsoft has acknowledged that changes introduced in recent Windows 10 2004 updates cause crashes on Lenovo ThinkPad laptops and has offered a workaround.

After users installed the July’s Windows 10 2004 KB4568831 update, Lenovo ThinkPad users found that their laptops would crash with “SYSTEM_THREAD_EXCEPTION_NOT_HANDLED” (in the Stop error message screen) and “0xc0000005 Access Denied” errors.

Soon after, Lenovo warned that ThinkPad models from 2019 and 2020 with Virtualization enabled in the “Enhanced Windows Biometric Security” setting, could encounter crashes and other bugs.

These crashes could occur when the following activity was performed:

  • Blue Screen of Death (BSoD) when booting
  • Blue Screen of Death (BSoD) when starting Lenovo Vantage
  • Blue Screen of Death (BSoD) when running Windows Defender Scan
  • Can’t login by Face with Windows Hello
  • Errors in Device Manager related to Intel Management Engine
  • Errors in Device Manager related to IR Camera

In a support bulletin released this week, Microsoft states that the KB4568831 updates, and those that came later, restrict how processes can access certain regions of memory known as PCI Device Configuration Space.

Also Read: What Legislation Exists in Singapore Regarding Data Protection and Security?

If a process attempts to access a  PCI Device Configuration Space in an unsupported manner, it will cause Windows 10 to crash with a Stop error.

“Windows devices that receive the July 31, 2020—KB4568831 (OS Build 19041.423) Preview or later updates restrict how processes can access peripheral component interconnect (PCI) device configuration space if a Secure Devices (SDEV) ACPI table is present and Virtualization-based Security (VBS) is running. Processes that have to access PCI device configuration space must use officially supported mechanisms.”

“The SDEV table defines secure hardware devices in ACPI. VBS is enabled on a system if security features that use virtualization are enabled. Some examples of these features are Hypervisor Code Integrity or Windows Defender Credential Guard.”

“The new restrictions are designed to prevent malicious processes from modifying the configuration space of secure devices. Device drivers or other system processes must not try to manipulate the configuration space of any PCI devices, except by using the Microsoft-provided bus interfaces or IRPs. If a process tries to access PCI configuration space in an unsupported manner (such as by parsing MCFG table and mapping configuration space to virtual memory), Windows denies access to the process and generates a Stop error,” Microsoft explains in a support bulletin.

Microsoft Offers a Workaround Until a Fix is Released

Microsoft states that they are currently working on a fix with Lenovo to prevent these crashes in Windows 10 2004.

For those who do not want to wait for the fix, Microsoft has offered a temporary workaround of disabling the ‘Enhanced Windows Biometric Security’ security feature in the laptop’s UEFI configuration.

To disable this feature, boot into the laptop’s UEFI setup screen, and under the Security > Virtualization menu, check the Enhanced Windows Biometric Security setting status.

If it is enabled, you can sacrifice some security on the laptop to prevent the crashes until a fix is released.

“To temporarily mitigate this problem, edit the device UEFI configuration (in the Security Virtualization section) to disable Enhanced Windows Biometric Security. This change disables the restrictions that are enabled by the SDEV table and VBS,” Microsoft explains.

Microsoft has not stated when their fix will be ready, but will likely require software, and possibly firmware, updates from Lenovo first.

Also Read: 7 Simple Tips On How To Create A Good Business Card Data

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us