Turns out this is not only a nuisance but a security hole as well. Lenovo calls this BIOS "feature" Lenovo Service Engine (LSE) and they released a BIOS update to remove or disable it due to security vulnerabilities that were found.
As a result of these findings, Microsoft recently released updated security guidelines (see page 10 of this linked PDF) on how to best implement this Windows BIOS feature. Lenovo’s use of LSE was not consistent with these new guidelines. As a result, LSE is no longer being installed on Lenovo systems. It is strongly recommended that customers update their systems with the new BIOS firmware which disables and or removes this feature.
Source: Lenovo News Releases
The security advisories (Notebook
) for this vulnerability were released at the end of July.
Because this update isn't pushed out automatically, Lenovo users should check either the news release or the relevant security advisory to see if they are vulnerable, and if so update their BIOS (the security advisories have instructions how to do so). Note that Think-branded PC's do not have the LSE software installed in the BIOS.
Funny quote from the Notebook advisory:
Very helpful indeed.