Comment by tatersolid

No it doesn’t. If memory serves, Lenovo rootkits have been in the UEFI firmware which auto-install hooks into the OS after boot.

Linux is not magically immune to this attack. One could argue it is more susceptible than other OS due to lack of binary signature checks on executables at runtime (at least by default).