Thursday, September 23, 2021
HomeTechnologyNeed to get root on a Windows box? Plug in a Razer...

Need to get root on a Windows box? Plug in a Razer gaming mouse

Need to get root on a Windows box? Plug in a Razer gaming mouse
Razer

Need to get root on a Windows box? Plug in a Razer gaming mouse

This weekend, security researcher Jonhat disclosed a long-standing security bug in Synapse software associated with Razer gaming mice. When installing the software, the wizard produces a clickable link to the location where the software will be installed. Clicking on this link opens a file explorer window in the suggested location, but this file explorer appears with SYSTEM Process ID, not with the user’s.

Have the mouse, go root

By itself, this vulnerability in Razer Synapse looks like a minor issue, after all, so running a software installer with SYSTEM privileges, a user should normally have Administrator privileges themselves. Unfortunately, Synapse is part of the Windows Catalog, which means an unprivileged user can simply plug in a Razer mouse, and Windows Update will automatically download and run the actionable installer.

Jonhat is not the only, or even the first, researcher to discover and publicly disclose this bug. Lee Christensen publicly disclosed the same bug in July, and according to a security researcher _MG_, who demonstrated Using an OMG cable to mimic the PCI device ID of a Razer mouse and exploit the same vulnerability, researchers have reported unsuccessfully for over a year.

Vulnerability patches will soon be available in a Windows catalog near you

Fortunately, Razer seems to have finally received the memo — jonhat reported that the company contacted him shortly after his August 21 public disclosure to assure him that his security team “is working on a fix as soon as possible,” and that the company even offered him a bonus despite the public disclosure.

Once Razer itself fixes the vulnerability, the next step will be to forward it to Microsoft for inclusion in the Windows Catalog, where it will need to replace the current and vulnerable Razer HIDClass driver that Windows Update automatically downloads and runs each time. that a Razer mouse is plugged in. the system. (The vulnerable version in the Windows Catalog at the time of publication is 6.2.9200.16495, dated January 2017.)

Need to get root on a Windows box? Plug in a Razer gaming mouse

RolePlayNews

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments