Bug in Razer software enables administrator privileges in Windows 10 (update)
Obtaining administrator privileges in Windows 10 usually requires authentication. However, exploits sometimes bypass these measures and give users direct access to administrator privileges. From a story about Beeping computer, Razer has a bug in its software that allows you to gain administrator access to the Windows 10 operating system in a few simple steps.
When using Windows 10, a typical user will be limited to making system changes without all the necessary privileges. To perform these tasks, you need system privileges, which is the star of today’s show. Thanks to the security researcher jonhat, which found a hole in Razer’s Synapse software, there is a way to gain system privileges.
When you plug a Razer device into a Windows 10 or Windows 11 PC, the operating system downloads Razer’s Synapse software to adapt to the device and configures a range of functions available on Razer devices, such as lighting. adjustable, shortcut keys and many more. According to Razer, more than 100 million PCs use Synapse software around the world.
Update: August 23, 4:28 p.m. ET:
“We have been made aware of a situation where our software, in a very specific use case, provides a user with greater access to their machine during the installation process,” said a spokesperson for Razer. to Tom’s Hardware in a prepared statement. “We have investigated the issue, are currently making changes to the installer application to limit this use case, and will release an updated version shortly. Using our software (including the installer application installation) does not provide unauthorized third-party access to the machine. “
The company also said that anyone who finds an issue with Razer’s security should report it through Inspectiv, that is bug bounty service.
The original story continues below:
As the Windows operating system itself calls and executes the RazerInstaller.exe file, it already does so with system privileges. Once you have started the installation process, choosing where to install the software, you just need to choose the option to select a folder, and once you are in the file explorer, just press the key. Shift your keyboard with a right click. There is an option in the drop-down menu for “Open PowerShell Window Here,” which you select to open Windows PowerShell. If you type the command “whoami” which lists your user privileges, it displays “nt Authority system”, which means you access the console as an administrator, allowing you to run any command that you want to do.
Need a local administrator and physical access? – Plug in a Razer mouse (or dongle) – Windows Update will download and run RazerInstaller as SYSTEM – Abuse high explorer to open Powershell with Shift + Right click Tried contacting @Razer, but no responses. So here’s a freebie pic.twitter.com/xDkl87RCmzAugust 21, 2021
In the Tweet above, you can see the process of making it. If there is software that automatically installs like this that has the ability to open Windows PowerShell in File Explorer, it might be vulnerable to the exploit as well. The researcher then tweeted that Razer had contacted him and was working on a fix ASAP, so be sure to update your Razer Synapse software whenever there is an update.