Update available for vulnerability in version 4.20 of Lenovo Rescue and Recovery


This Security Bulletin addresses a vulnerability in Rescue and Recovery version 4.20. This vulnerability could allow an attacker to run code with elevated privileges on the affected system. This vulnerability has been assigned a serious severity rating. It is recommended that users update to the most current version of Lenovo Rescue and Recovery available.

Affected configurations

Systems with the following versions of Rescue and Recovery installed:

  • Lenovo Rescue and Recovery 4.20.0512 Vista
  • Lenovo Rescue and Recovery 4.20.0511 XP and 2000

Lenovo Rescue and Recovery on Windows

Lenovo strongly recommends upgrading to Lenovo Rescue and Recovery 4.21, available from the following site:

Additional information


Lenovo would like to thank ISec Partners for reporting the vulnerability described in CVE-2006-5857 and for working with us to help protect our customers' security.
Copyright © 2008 Lenovo. All rights reserved.

Did this work for you? let us know

  • Alias ID: MIGR-70699
  • Document ID: HT004932
  • Last Updated :05 Jun 2015
  • © 2015 Lenovo