A recently released Windows 10 update is causing problems for Lenovo ThinkPad devices with Blue Screen of Death errors and incorrect Windows Hello biometric logins. A fix that could work around these issues could create even more problems for owners – at least according to Microsoft.
The issue affects Windows 10 Cumulative Update from August, KB566782 (also known as Windows 10 version 2004), and affects Lenovo ThinkPads from 2019 and 2020, and Windows 10 Preview KB4568831, which launched on July 31.
It appears that the Lenovo Vantage app that updates drivers is using the Intel Management Engine (as reported by ZDNet) to change the firmware ̵
To avoid the problem, Lenovo suggested turning off the Windows Advanced Biometric Security setting in the BIOS. Microsoft strongly advised against this.
Is it worth the risk?
As Microsoft states in a detailed article on this issue, the workaround can be applied by “editing the device’s UEFI configuration (in the Security> Virtualization section) to disable Windows Advanced Biometric Security. This change deactivates the restrictions activated by the SDEV table and VBS. “
However, Microsoft warns that “this workaround can make a computer or network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this workaround, but we provide this information so that you can implement this workaround at your own discretion. “
Scary stuff and a dilemma for Lenovo ThinkPad owners. Are they applying the update so they can use their devices without any problems but put their security at risk, or are they still suffering from Blue Screen of Death errors that cause the device to crash and stop responding?
It’s a tough decision that, hopefully, people won’t have to make long as Microsoft claims it is working with Lenovo to come up with a solution that won’t affect the security of the ThinkPad owner. Let’s hope this correct solution arrives soon.