LANDesk Patch News Bulletin: LANDesk has Released a Patch Update for Lenovo Hardware Password Manager 28-APR-2010

Version 3

    LANDesk Security and Patch News



    • (April 28, 2010) LANDesk has released a vulnerability definition for Lenovo Hardware Password Manager (HPM). The following issues are resolved in this update:

    Hardware Password Manager MR1 Updates –

    • Simplify the Change Password and Registration processes.
    • Fix problem where Intranet Login authentication fails in BIOS with certain PXE configurations.
    • Allow a system to be re-registered after a planar replacement – associate hard disk with the new planar.
    • Add support for UPN formatted credentials entered at BIOS (pre-boot) logon.
    • Add support for 64-bit Vista.
    • Allow the IT Administrator to specify the number of times the user is allowed to cancel the HPM  registration (default value is 3).  Once this threshold is passed, the user must secure their system by registering in HPM.
    • Allow the IT Administrator to specify the number of days a Service Tech can access a group of computers.
    • Obscure hardware passwords in the console by default.
    • Added visibility to directory entities beyond 1000 items.




    Hardware Password Manager SP1 Updates –

    • The query logic used by the HPM server to authentication users in Active Directory was optimized to significantly improve the response time.
    • Allow all the characters in passwords to be visible in the HPM Properties dialog.
    • Change the default hardware password lengths to 15-character min. and 20-character max.  Both the min. and max. lengths can still range from 1-64 characters.
    • Eliminate unhandled exception when a HPM protected hard disk is moved to a non-managed system.
    • Server not found error displayed during registration process
    • LDAP configuration crashes ThinkManagement Console
    • Support for UPN format when specifying intranet credentials at HPM registration


    Please visit the following page for more details on HPM:


    New Vulnerabilities

    • Vulnerability ID – LD-CMP-35409-882


    Changed Vulnerabilities

    • Vulnerability ID – None


    New Patch Downloads



    Where to Send Feedback

    At LANDesk, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.



    Best regards,

    LANDesk Product Support


    Copyright © 2010 LANDesk Software.  All rights reserved. LANDesk is either a registered trademark or trademark of LANDesk Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

    Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. LANDesk disclaims any liability with respect to this document and LANDesk has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit