One of the vulnerabilities is located in the tool’s help system and allows users with limited Windows accounts to start an instance of Internet Explorer with administrator privileges by clicking on URLs in help pages. That’s because Lenovo System Update itself runs under a temporary administrator account that the application creates when installed, so any process it spawns will run under the same account.
Source: Lenovo patches serious vulnerabilities in PC system update tool
Those skint specs extend to just 4GB of DDR3, a slow 5400-RPM mechanical hard drive, and no wireless connectivity of any kind. These can all be upgraded, mind you, but you’ll have to pay for each one. The system itself is next to impossible to actually dismantle, too, so you’re stuck ordering these upgrades when you order the system. When we’re starting at $699 we should have at least wireless ethernet and Bluetooth standard, especially given just how small and portable the M92 really is.
via AnandTech – Lenovo ThinkCentre M92 Tiny System Review: Pint-Sized Power.
$699 base price.