Security experts are urging Lenovo customers to update their Android tablets and handsets to protect themselves against a handful of critical vulnerabilities impacting tens of millions of vulnerable Lenovo devices. On Oct. 5, Lenovo quietly rolled out four patches impacting all of its Android tablets, Vibe and Zuk phones, and the Moto M (XT1663) and Moto E3 (XT1706) model handsets. According to Imre Rad, an independent security researcher who identified the bugs, the vulnerabilities are tied to the Lenovo Service Framework (LSF), an Android application used by several other Android applications and which is exclusive to Lenovo devices. According to Lenovo’s description of LSF, it is used to receive push notifications from Lenovo servers such as product promotions for apps, news, notices, surveys and also to facilitate emergency app repairs and upgrades when needed.