SteelSeries Peripherals Can Bypass Windows Security, Too

SteelSeries Peripherals Can Bypass Windows Security, Too

Windows users around the world were looking warily at their Razer peripherals earlier this week. That’s when a security researcher noted the devices could be used to gain administrator privileges on Windows, and it turns out Razer is not alone. The same vulnerability exists in the SteelSeries ecosystem. Simply plugging in one of these devices grants the ability to install software without logging in as an admin. SteelSeries says it’s fixed the issue, but this is starting to feel like it’s more Microsoft’s fault than anyone else.

To recap, this ongoing snafu is thanks to the way Windows supports third-party devices. When you plug in a peripheral that Windows recognizes, it will download the necessary software from the manufacturer. In the case of Razer, it downloads Synapse, and for SteelSeries, it’ll grab the Engine suite.

According to @zux0x3a on Twitter, the installation dialog for Engine makes the same mistake as Razer. The user can use the prompts to access other applications like the browser and command prompt. Because they originate from a Windows system component, they retain system privileges. Thus, you can install any malicious thing you want without knowing the admin password.

it is not only about @Razer.. it is possible for all.. just another priv_escalation with @SteelSeries https://t.co/S2sIa1Lvjv pic.twitter.com/E3NPQnxqo2

— Lawrence 勞倫斯 (@zux0x3a) August 23, 2021

SteelSeries says it has fixed the problem by disabling the automatic software installation. The company is working on a permanent fix, but in the meantime, users will have to install their peripheral’s software manually. That doesn’t seem like a huge inconvenience, though. This should serve as a reminder that any device that requires a bulky software suite to manage is a potential security issue.

SteelSeries certainly should have detected this vulnerability, and the same goes for Razer, but Microsoft is not blameless. The way Windows proactively installs these software packages is starting to look like the real issue. Perhaps it’s not a good idea to build the OS in such a way that a USB device can trigger an easily hijacked installation dialog. Luckily, you can mitigate this problem with a quick trip to the settings. The toggle you’re looking for is buried in the Windows 10 Control Panel, but you can just search for “Change device installation settings.” Turn it off, and peripherals won’t be able to trigger software installations. The drawback is that you’ll have to go hunt down the proper software and install it yourself.