Windows security has always been a favorite target of those who claim the system is not as secure as it should be, and news like this gives them good reason: a flaw that grants administrator permissions when installing the drivers for a Razer wireless mouse.
This new vulnerability does not require clicking on a suspicious file or installing a program from unofficial sources. Although the attacker must have physical access to the computer to take advantage of it, the flaw endangers computer security and shows that Microsoft still has a lot of work to do to improve the security of its system.
Full access to the computer
In this case the problem arises when the drivers for a Razer wireless mouse are installed through the Synapse app. Synapse is the tool that lets you configure a device's parameters and customize its functions and commands, for example for a mouse, and it benefits from the "Plug and Play" system, which sets devices up simply by plugging them into the PC.
The Synapse app runs automatically when you connect a Razer mouse. The RazerInstaller.exe file is used to perform a normal installation which, however, also allows the user to open an Explorer window to choose where to install the drivers. And this is where the problem starts: because the installer runs as SYSTEM, that Explorer window is elevated, and from it the user can open PowerShell and access almost any function on the computer.
Need a local administrator and physical access?
– Connect a Razer mouse (or dongle)
– Windows Update will download and run RazerInstaller as SYSTEM
– Abuse elevated explorer to open Powershell with Shift + right click
I tried contacting @Razer, but no response. So here’s a freebie pic.twitter.com/xDkl87RCmz
– jonhat (@j0nh4t) August 21, 2021
The vulnerability was discovered and posted on Twitter by user @j0nh4t, who decided to go public with the existence of this security flaw after contacting Razer and initially getting no response. Following this article, Razer reached out to us with a statement saying that they are working on changes to the app to limit this use case:
We have been aware of a situation where our software, in a very specific use case, provides the user with greater access to their computer during the installation process.
We have investigated the issue and are currently making changes to the setup app to limit this use case, as well as releasing an updated version soon. Use of our software (including the installer application) does not provide unauthorized third party access to the computer.
We are committed to ensuring the digital security and protection of all of our systems and services, and if you find any potential bugs, we encourage you to report them through our bug bounty service, Inspectiv: https://app.inspectiv.com/#/register.
To take advantage of this flaw, an attacker needs both a Razer mouse and physical access to the computer, two limits that minimize the impact of the breach. It nevertheless raises the question of how many flaws of this type could affect other Plug & Play devices.
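For defenders, the sequence described above (an installer running as SYSTEM that ends up as the ancestor of an interactive shell) can be looked for in process-creation logs. The following is an added example, not code from Razer, Microsoft or the researcher; it assumes Sysmon Event ID 1 records already parsed into dicts, and the watchlists, paths, GUIDs and events are constructed placeholders.

```python
import ntpath

# Assumptions (not from the article): events are Sysmon Event ID 1 records
# parsed into dicts; watchlists, paths and GUIDs below are illustrative.
INSTALLERS = {"razerinstaller.exe"}  # installer named in the article
SHELLS = {"powershell.exe", "pwsh.exe", "cmd.exe"}
SYSTEM_USER = "NT AUTHORITY\\SYSTEM"

def base(path):
    """Lower-cased file name of a Windows path."""
    return ntpath.basename(path).lower()

def find_system_shells(events):
    """Return (time, shell, installer) for each shell running as SYSTEM that
    descends from a watched installer. Events must be in time order."""
    tainted = {}  # ProcessGuid -> installer image the process descends from
    alerts = []
    for e in events:
        if e["User"].upper() != SYSTEM_USER:
            continue  # a shell in the user's own context is not an elevation
        root = tainted.get(e["ParentProcessGuid"])
        for img in (e["ParentImage"], e["Image"]):
            if root is None and base(img) in INSTALLERS:
                root = img
        if root is None:
            continue
        tainted[e["ProcessGuid"]] = root  # children inherit the taint
        if base(e["Image"]) in SHELLS:
            alerts.append((e["UtcTime"], base(e["Image"]), base(root)))
    return alerts

def ev(t, guid, image, pguid, pimage, user=SYSTEM_USER):
    """Build one constructed process-creation event."""
    return {"UtcTime": t, "ProcessGuid": guid, "Image": image,
            "ParentProcessGuid": pguid, "ParentImage": pimage, "User": user}

PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
CMD = r"C:\Windows\System32\cmd.exe"
INST = r"C:\EXAMPLE\RazerInstaller.exe"  # placeholder path
SAMPLE = [  # constructed events
    ev("12:00:01", "g1", INST, "g0", r"C:\Windows\System32\svchost.exe"),
    ev("12:00:40", "g2", PS, "g1", INST),   # shell opened from the installer
    ev("12:00:55", "g3", CMD, "g2", PS),    # grandchild shell, still SYSTEM
    ev("12:01:10", "g4", PS, "g9", r"C:\Windows\explorer.exe", "PC\\alice"),
    ev("12:02:00", "g5", CMD, "g8", r"C:\Windows\System32\services.exe"),
]

if __name__ == "__main__":
    for alert in find_system_shells(SAMPLE):
        print(alert)
```

On systems with a localized Windows installation the SYSTEM account name differs, so `SYSTEM_USER` would need adjusting.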
Via | Slashgear