Share this article
Latest news
With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low
Copilot in Outlook will generate personalized themes for you to customize the app
Microsoft will raise the price of its 365 Suite to include AI capabilities
Death Stranding Director’s Cut is now Xbox X|S at a huge discount
Outlook will let users create custom account icons so they can tell their accounts apart easier
Hackers leverage Razer mice driver updates to access Windows PCs
2 min. read
Published onAugust 23, 2021
published onAugust 23, 2021
Share this article
Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more
Microsoft’s Windows operating system is receiving yetanother security-flawinduced black eye, as hackers take advantage of its partnership with Razer.
Earlier today, information regarding a Windows exploitation that involves a specific Razer gaming software and driver installation surfaced and depicts an exploit that could give a hackers unprecedented access to a user’s computer.
The hack in specific relies on a simple driver update to Razer mouse that doubles as a system process for “Razer Installer”. If hacker can get physical access to or convenience a user to plug in a Razer mouse USB dongle, then the system installer will grant the hacker access to an elevated version of the Windows Explorer GUI and then grant permissions for local installation and access to items such as Windows PowerShell.
Need local admin and have physical access?– Plug a Razer mouse (or the dongle)– Windows Update will download and execute RazerInstaller as SYSTEM– Abuse elevated Explorer to open Powershell with Shift+Right click
Tried contacting@Razer, but no answers. So here’s a freebiepic.twitter.com/xDkl87RCmz
— jonhat (@j0nh4t)August 21, 2021
Adding fire to this explosive revelation is the fact that if the installation process is both completed, and the files saved to the desktop as they typically would be, hackers could have continued access to the PC’s subsystems.
Furthermore, once a completion is done, the physical necessity of a Razer mouse is no longer needed. Hackers could simply spoof the USB-ID and regain access to the PC.
Additionally if you go through the installation process and define the save dir to user controllable path like Desktop. A service binary is saved there which can be hijacked for persistance and is executed before user logon on boot.
— jonhat (@j0nh4t)August 21, 2021
When confronted about the security flaw, Razer has acknowledged its severity and plans to ship a fix in the coming weeks.
As for Microsoft’s role in the exploitative hack, there has been no official statement released from the company, but a temporary patch could be issued as part of its once-a-week cumulative update for Windows, that would put a pause to the automated driver download process for Razer mice.
Kareem Anderson
Networking & Security Specialist
Kareem is a journalist from the bay area, now living in Florida. His passion for technology and content creation drives are unmatched, driving him to create well-researched articles and incredible YouTube videos.
He is always on the lookout for everything new about Microsoft, focusing on making easy-to-understand content and breaking down complex topics related to networking, Azure, cloud computing, and security.
User forum
0 messages
Sort by:LatestOldestMost Votes
Comment*
Name*
Email*
Commenting as.Not you?
Save information for future comments
Comment
Δ
Kareem Anderson
Networking & Security Specialist
He is a journalist from the bay area, now living in Florida. He breaks down complex topics related to networking, Azure, cloud computing, and security
