zdnet[.]com/article/lenovo-patches-uefi-vulnerabilities-impacting-millions-of-device-users-worldwide/
support.lenovo[.]com/us/en/product_security/LEN-73440
Malware infecting the BIOS is about the worst thing that could happen to your PC or laptop, since the BIOS is the first thing to come online when you turn it on, meaning it can effect just about everything, including Windows. It can also be the hardest type of malware to get rid of -- you have to (re)flash [reload] the firmware, assuming the infected BIOS allows it, assuming you can get the file you need from the manufacturer, and assuming nothing goes wrong, since a failure flashing the BIOS can brick the device.
On Tuesday, ESET said the vulnerabilities impact "more than one hundred different consumer laptop models with millions of users worldwide" and were caused by drivers only meant to be used during Lenovo's product development stage.The impacted product list includes IdeaPads, Legion gaming devices, and both Flex and Yoga laptops.