Is it a fun security prank or a public service announcement to keep your computer safe? (It’s a combination of the two.)
In Windows, not all users are created equal. You can use the computer without administrator access, but you won’t be able to install certain apps or run commands, and you won’t have full control of the machine. However, you can gain SYSTEM privileges on any Windows 10 machine right now by simply plugging in a Razer keyboard or mouse. That appears to be a bad idea.
Different “user rights” are generally a good thing for Windows. It safeguards your system against those who would take advantage of those privileges, whether maliciously or not. When you have admin—or SYSTEM—privileges, you have complete control over Windows, so giving that power to just anyone can be dangerous.
The idea that plugging in the right mouse can give you complete control over a computer may seem more fantastical than a TV hacker, but it’s true. When you connect one of these Razer peripherals to your computer, Windows will automatically download Razer Synapse, the software that allows you to control certain mouse and keyboard settings. Because it is launched from a Windows process with SYSTEM privileges, the Razer software has SYSTEM privileges.
But that isn’t where the vulnerability enters the picture. When you install the software, Windows’ setup wizard will ask you where you want it saved. A “Choose a Folder” prompt will appear when you choose a new location for the folder. If you hold down Shift and right-click on that, you can select “Open PowerShell window here,” which will launch a new PowerShell window.
Because this PowerShell window was launched from a process with SYSTEM privileges, it now has SYSTEM privileges as well. You’ve effectively turned yourself into an administrator on the machine, with the ability to run any command you can think of in the PowerShell window.
This vulnerability was first discovered on Twitter by user jonhat, who attempted to contact Razer about it but was unsuccessful. Razer eventually responded, stating that a patch is in the works. However, until that patch is released, the company is selling tools that make it simple to hack millions of computers.
How to protect your computer from Razer’s vulnerability
While waiting for Razer to fix the bug is the best solution, we don’t know how long that will take. You can disable your computer’s USB ports right now to protect your computer from the machinations of Razer peripheral-wielding potential hackers.
This is not something that everyone should do. You should not disable USB ports if you need them for your mouse, keyboard, or other important peripherals. This method is safer to use if your PC supports Bluetooth mice and keyboards, or if you use a laptop.
There are various (and complicated) ways to do this, but the easiest place to start is via Device Manager. Right-click on “This PC,” then click “Manage.” Click “Device Manager,” then click the arrow next to Universal Serial Bus controllers. Here you will find all of your computer’s USB controllers. You can right-click on these items and choose “Disable” to disable them.
When you’re ready to reenable your USB ports, repeat the steps above but select “Enable” instead of “Disable.” Remember that this exploit requires someone to physically connect their Razer mouse to your PC, so the risk to your machine is low unless you frequently leave your computer out in the open.
No Responses