Skip to main content
  1. Home
  2. Computing

Razer mice could give hackers wide-open local access to your Windows PC

By

The security problems just keep coming for Windows. In the latest, a hacker has discovered that by simply using a Razer mouse, someone with bad intent who already has full physical access to your PC can run their own payloads and even abuse and enter the PowerShell command terminal.

A bit like the ongoing PrintNightmare vulnerability issue of injecting bad drivers via Point and Print, this new flaw has to deal with the way that Razer’s gaming software works. Once a Razer mouse is plugged into a PC, Windows Update downloads and runs a “Razer installer” as a system process. This installer then allows hackers to open an elevated version of Windows Explorer to choose where to install drivers, and they can simply then open PowerShell by pressing the Shift and the right-click buttons on the keyboard. You can see this in action below.

Recommended Videos

Need local admin and have physical access?
– Plug a Razer mouse (or the dongle)
– Windows Update will download and execute RazerInstaller as SYSTEM
– Abuse elevated Explorer to open Powershell with Shift+Right click

Tried contacting @Razer, but no answers. So here's a freebie pic.twitter.com/xDkl87RCmz

— ҉j҉o҉n҉h҉a҉t҉ (@j0nh4t) August 21, 2021

Related

Pointing out another issue, the hacker who exposed this flaw said that if the installation process is completed and the files are saved to the desktop, a service binary is saved. This can also be hijacked for persistence and be executed before the user login on boot. Even more alarming is that a real Razer mouse is not needed, as a USB ID can be easily spoofed, according to MSPoweruser.

The hacker involved in this situation says they reached out to Razer and that a fix is coming to correct this issue as soon as possible. It’s highly likely that Microsoft is also involved in the fix. The drivers for Razer mice would be needed to be updated or removed from Windows Update so that it no longer provides system privileges once a mouse is plugged in.

Microsoft has been on top of its game when it comes to these security issues. After hackers raised concerns about issues with the Print Spooler in Windows, the company issued a patch just a few day later. Hackers and security researchers, however, keep digging deeper into Windows to expose more flaws.

The latest came just on August 12, when it was discovered that you don’t need administrative privileges in Windows in cases where you need to connect to a printer or a print server if that printer driver is installed locally.

Editors’ Recommendations

Topics
Arif Bacchus
Arif Bacchus
Former Digital Trends Contributor
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…
Will Windows AI Copilot be the ultimate PC accessibility tool?
A screenshot of Windows Copilot being used in the sidebar.

At Build 2023, Microsoft made quite a big deal about its headlining announcement, the Windows Copilot. The idea is simple: build AI right into the operating system. In the same way that the Edge browser (and soon the entire stack of Office apps) have their own AI copilots, now Windows will have one too.

But in talking to the leader of Microsoft's Windows (and Surface) group, Panos Panay, I wanted to dig into a different possible use case for generative AI as a tool for accessibility. It wasn't presented this way, in particular, but having access to a virtual assistant that's actually smart built right into the operating system of computer certainly seems like it would have some serious value in terms of accessibility.

Read more
If your PC is running slowly, the latest Windows 11 update may be to blame
A laptop running Windows 11.

Microsoft may have a problem on its hands -- the latest Windows 11 update doesn't seem to be working as intended. According to various user reports, the update drastically slows SSD speeds, in some cases even cutting them in half.

If you've noticed that your PC is loading slowly or programs aren't running as quickly as you'd hoped, you might be affected by this problem. Here's how to fix it.

Read more
Windows 11 could be hurting your gaming performance
Overwatch 2 running on the LG OLED 27 gaming monitor.

If you’ve been wondering why your beefy graphics card hasn’t been performing as well as it should in Windows 11 or Windows 10, the answer could be Microsoft’s Virtualization Based Security (VBS). According to testing done by Tom’s Hardware, VBS could cause gaming performance to drop by as much as 10%.

In a suite of fresh benchmarks, Tom’s Hardware tested 15 different games, from Cyberpunk 2077 to Red Dead Redemption 2, both with VBS enabled and with the feature turned off. In some games, the results could be cause for concern.

Read more