Lenovo Warns Critical WiFi Vulnerability Impacts Dozens of ThinkPad Models (https://threatpost.com/lenovo-warns-critical-wifi-vulnerability-impacts-dozens-of-thinkpad-models/129860/):
QuoteLenovo warned customers on Friday that two critical Broadcom vulnerabilities impacts 25 models of its popular ThinkPad brand. The vulnerabilities were first revealed in September and originally they were only reported to impact specific Broadcom chipsets used in Apple iPhones, Apple TV and Android devices.
Lenovo has expanded that list to include two dozen ThinkPads that use Broadcom's BCM4356 Wireless LAN Driver for Windows 10. According to the Lenovo advisory, the Wi-Fi chipsets contain the same firmware vulnerabilities CVE-2017-11120 and CVE-2017-11121 patched by Apple and Google in September.
{SNIP}
Lenovo is recommending affected ThinkPad customers update their Wi-Fi driver versions. Affected ThinkPad SKUs are: ThinkPad 10, ThinkPad L460, ThinkPad P50s, ThinkPad T460, ThinkPad T460p, ThinkPad T460s, ThinkPad T560, ThinkPad X260 and ThinkPad Yoga 260.
Lenovo Security Advisory: Broadcom WiFi Buffer Overflow Vulnerability (https://support.lenovo.com/us/en/solutions/LEN-17237)