Skip to main content

Lenovo’s fingerprint scanner software is broken, update it today

Lenovo ThinkPad X1 Yoga 3rd-Gen
Matt Smith/Digital Trends
There is a lot of bad news lately when it comes to the security of our PCs and other devices. All kinds of nefarious parties want to break into our machines and access our most vital personal and professional information. That is what makes recent advances in biometric security, such as fingerprint scanners and facial recognition, so welcome. It’s also what makes it so disturbing when there is a flaw in those systems, as was recently the case with Lenovo’s Fingerprint Manager Pro software.

Fingerprint Manager Pro is a Windows 7, 8, and 8.1 utility that enables the fingerprint scanner on certain Lenovo systems to match a user’s fingerprint and use it to log into the machine as well as to authenticate to websites without needing to type in a password. As Lenovo indicates in a recent support bulletin, versions of the utility older than 8.01.87 are vulnerable to attack thanks to a weak algorithm and a hard-coded password — leaving sensitive data accessible to any user with local non-administrative access to a machine.

It is important to note that Windows 10 machines are unaffected, thanks to Microsoft’s built-in fingerprint reader support. If you’re using Windows 10 Hello on a Lenovo system, therefore, you have nothing to worry about.

This isn’t the first time that Lenovo’s fingerprint software has suffered from a lapse in security. In early 2016, the Lenovo Fingerprint Manager and Touch Fingerprint Software utilities were vulnerable to a local privilege escalation that allows users to gain administrator rights when running applications.

Here is a list of the affected systems:

  • ThinkPad L560
  • ThinkPad P40 Yoga, P50s
  • ThinkPad T440, T440p, T440s, T450, T450s, T460, T540p, T550, T560
  • ThinkPad W540, W541, W550s
  • ThinkPad X1 Carbon (Type 20A7, 20A8), X1 Carbon (Type 20BS, 20BT)
  • ThinkPad X240, X240s, X250, X260
  • ThinkPad Yoga 14 (20FY), Yoga 460
  • ThinkCentre M73, M73z, M78, M79, M83, M93, M93p, M93z
  • ThinkStation E32, P300, P500, P700, P900

Go update the Lenovo Fingerprint Manager Pro utility today. You can download it here, and then install it as soon as you can to make sure your sensitive data remains protected. While you’re at it, you can check out all of Lenovo’s security advisories here to make sure you’re not exposed.

Editors' Recommendations

Mark Coppock
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
New Lenovo IdeaPads look like the Chromebooks to beat
Man sitting with Lenovo IdeaPad Chromebook.

Lenovo unveiled a number of new Chromebooks as part of the Mobile World Congress event. The devices include the IdeaPad Flex 5i and 3i and the IdeaPad Duet 3.

The IdeaPad 5i and 3i have 14-inch and 15-inch displays, respectively. They both have a FHD IPS panel with 400-nit peak brightness. Both of these Chromebooks are 2-in-1 convertibles. Aside from that and the screen quality, though, the two devices are actually quite different.

Read more
ThinkPad X1 Extreme Gen 5 adds 165Hz screen and RTX 3080 Ti
The ThinkPad X1 Extreme, now in its 5th generation.

Lenovo has announced an impressive update to the ThinkPad X1 Extreme, now in its fifth generation. The two key features are the 165Hz refresh rate screen and the addition of up to RTX 3080 Ti graphics.

In the current generation, the ThinkPad X1 Extreme maxes out at the RTX 3070 and 60Hz.

Read more
Lenovo ThinkPad X13s hands-on review: ARM-powered ThinkPad
thinkpad x13s hands on new specs price photos x13 gen 1 featured image

Lenovo's best laptops have always had Intel or AMD inside, but in a first, there's now a new ThinkPad powered by Qualcomm's Snapdragon 8cx Gen 3 compute platform.

More specifically, it is the ThinkPad X13s, an ARM-powered device that's unlike a regular ThinkPad in more ways than one. With promising always-on, always-connected performance and a fantastic sustainable design, this Lenovo laptop feels different from past Windows on ARM devices, and after trying one ahead of Mobile World Congress, it dares to take on Apple's M1 MacBooks in the business realm.

Read more