Razer Laptops Shipped With Massive Firmware Vulnerabilities

Razer Laptops Shipped With Massive Firmware Vulnerabilities

Razer got its start making gaming-oriented peripherals like keyboards and mice, but it expanded into laptops a few years ago. The company’s Blade laptops still have that gamer aesthetic paired with powerful hardware. However, they also have a nasty security vulnerability that could let hackers implant malware on your system.

The vulnerability, known as CVE-2018-4251, is similar to one previously detected and patched in Apple laptops. It relates to the Intel Manufacturing Mode, a part of motherboard firmware for Intel-based systems. Apple spotted the screwup on its own and fixed it before anyone could take advantage, but the vulnerability has just been reported publicly after the discoverer was unable to get through to Razer. See below for an example of Razer just not understanding.

Manufacturing Mode is an undocumented configuration and testing suite that’s never supposed to be included on shipping firmware. It allows manufacturers to configure important platform settings like boot verification and write the settings to one-time programmable memory modules (FUSEs). The system parameters are initially stored in temporary memory for testing purposes and are then burned to FUSEs when closing Manufacturing Mode. If Manufacturing Mode is still active on a system, it could allow an attacker to create their own malicious system configuration options and lock them into the machine.

Hey! Thanks for mentioning us. Our Systems Team would like to check on this. Could you please tell us more about the challenges with your Razer laptop via DM and we'll take it there.

— RΛZΞR Support (@RazerSupport) March 21, 2019

This vulnerability does not on its own allow hackers to take over a computer, but it offers a mighty tempting target if they manage to get in. They could change system settings to hide malware from detection, essentially telling the computer that the malware the hacker just installed is supposed to be there. Someone could even leverage the Intel Meltdown vulnerability to wreak havoc by downgrading to older BIOS versions that don’t protect against the CPU-level vulnerabilities.

Continue reading

ARMing for War: New Cortex-A78C Will Challenge x86 in the Laptop Market
ARMing for War: New Cortex-A78C Will Challenge x86 in the Laptop Market

ARM took another step towards challenging x86 in its own right with the debut of the Cortex-A78C this week. The new chip packs up to eight "big" CPU cores and up to an 8MB L3 cache.

Apple’s New M1 SoC Looks Great, Is Not Faster Than 98 Percent of PC Laptops
Apple’s New M1 SoC Looks Great, Is Not Faster Than 98 Percent of PC Laptops

Apple's new M1 silicon really looks amazing, but it isn't faster than 98 percent of the PCs sold last year, despite what the company claims.

Best Games for Laptops and Low-End PCs in 2020
Best Games for Laptops and Low-End PCs in 2020

Just because you've got an older or low-end PC doesn't mean you can't enjoy gaming. There are thousands of back titles in the PC catalog. Here are some of our favorites.

ET Deals: Dell Inspiron 15 5000 Intel Core i7-1165G7 Laptop for $674, iRobot Roomba i7+ 7550 Robot Vacuum for $599
ET Deals: Dell Inspiron 15 5000 Intel Core i7-1165G7 Laptop for $674, iRobot Roomba i7+ 7550 Robot Vacuum for $599

Today you can take advantage of a 10 percent discount to snag a Dell Inspiron 15 5000 laptop with an Intel Core i7-1165G7 processor, 12GB of RAM and a 512GB NVMe SSD for just $674. You can also get iRobot's Roomba i7+ robot vacuum for just $599.00, which is the same price it was on Cyber Monday.