The ThinkPwn vulnerability which has been in the news lately, which allows attackers to disable Secure Boot and bypass Virtual Secure Mode on Win10 Enterprise as well as disabling flash write protection turns out not to be yet another questionable Lenovo feature.  Instead the problem lies with the motherboards UEFI, specifically the Intel System Management Mode implemented on Gigabyte motherboards.  So far the issue has been located on Z68-UD3H, Z77X-UD5H, Z87MX-D3H, and Z97-D3H but it is possible that the vulnerability exists on far more motherboards, perhaps even beyond Gigabyte as the flaw is in the Intel code.  The Register also postulates this could effect HP Pavilion machines as they use these boards as well.

"Gigabyte has been swept into turmoil surrounding low-level security vulnerabilities that allows attackers to kill flash protection, secure boot, and tamper with firmware on PCs by Lenovo and other vendors."

Here is some more Tech News from around the web:

Tech Talk