SteelSeries Peripherals Can Bypass Windows Security, Too

SteelSeries Peripherals Can Bypass Windows Security, Too

Windows users around the world were looking warily at their Razer peripherals earlier this week. That’s when a security researcher noted the devices could be used to gain administrator privileges on Windows, and it turns out Razer is not alone. The same vulnerability exists in the SteelSeries ecosystem. Simply plugging in one of these devices grants the ability to install software without logging in as an admin. SteelSeries says it’s fixed the issue, but this is starting to feel like it’s more Microsoft’s fault than anyone else.

To recap, this ongoing snafu is thanks to the way Windows supports third-party devices. When you plug in a peripheral that Windows recognizes, it will download the necessary software from the manufacturer. In the case of Razer, it downloads Synapse, and for SteelSeries, it’ll grab the Engine suite.

According to @zux0x3a on Twitter, the installation dialog for Engine makes the same mistake as Razer. The user can use the prompts to access other applications like the browser and command prompt. Because they originate from a Windows system component, they retain system privileges. Thus, you can install any malicious thing you want without knowing the admin password.

it is not only about @Razer.. it is possible for all.. just another priv_escalation with @SteelSeries https://t.co/S2sIa1Lvjv pic.twitter.com/E3NPQnxqo2

— Lawrence 勞倫斯 (@zux0x3a) August 23, 2021

SteelSeries says it has fixed the problem by disabling the automatic software installation. The company is working on a permanent fix, but in the meantime, users will have to install their peripheral’s software manually. That doesn’t seem like a huge inconvenience, though. This should serve as a reminder that any device that requires a bulky software suite to manage is a potential security issue.

SteelSeries certainly should have detected this vulnerability, and the same goes for Razer, but Microsoft is not blameless. The way Windows proactively installs these software packages is starting to look like the real issue. Perhaps it’s not a good idea to build the OS in such a way that a USB device can trigger an easily hijacked installation dialog. Luckily, you can mitigate this problem with a quick trip to the settings. The toggle you’re looking for is buried in the Windows 10 Control Panel, but you can just search for “Change device installation settings.” Turn it off, and peripherals won’t be able to trigger software installations. The drawback is that you’ll have to go hunt down the proper software and install it yourself.

Continue reading

Microsoft: Pluton Chip Will Bring Xbox-Like Security to Windows PCs
Microsoft: Pluton Chip Will Bring Xbox-Like Security to Windows PCs

Intel, AMD, and Qualcomm are working to make Pluton part of their upcoming designs, which should make PCs more difficult to hack, but it also bakes Microsoft technology into your hardware.

Apple: ‘It’s Up to Microsoft’ to Get Windows Running on New ARM Macs
Apple: ‘It’s Up to Microsoft’ to Get Windows Running on New ARM Macs

According to Apple, the question of supporting Windows on the M1 is entirely in Microsoft's court.

How Does Windows Use Multiple CPU Cores?
How Does Windows Use Multiple CPU Cores?

We take multi-core awareness for granted these days, but how do the CPU and operating system communicate with each other in the first place?

Minecraft With Ray Tracing Now Available for All Windows 10 Players
Minecraft With Ray Tracing Now Available for All Windows 10 Players

You don't usually think of Minecraft as a realistic game, but the developers have been hard at work adding RTX ray tracing to the game for the last eight months. It's finally out of beta today, and it really works with the blocky look of Minecraft.