SteelSeries Peripherals Can Bypass Windows Security, Too

SteelSeries Peripherals Can Bypass Windows Security, Too

Windows users around the world were looking warily at their Razer peripherals earlier this week. That’s when a security researcher noted the devices could be used to gain administrator privileges on Windows, and it turns out Razer is not alone. The same vulnerability exists in the SteelSeries ecosystem. Simply plugging in one of these devices grants the ability to install software without logging in as an admin. SteelSeries says it’s fixed the issue, but this is starting to feel like it’s more Microsoft’s fault than anyone else.

To recap, this ongoing snafu is thanks to the way Windows supports third-party devices. When you plug in a peripheral that Windows recognizes, it will download the necessary software from the manufacturer. In the case of Razer, it downloads Synapse, and for SteelSeries, it’ll grab the Engine suite.

According to @zux0x3a on Twitter, the installation dialog for Engine makes the same mistake as Razer. The user can use the prompts to access other applications like the browser and command prompt. Because they originate from a Windows system component, they retain system privileges. Thus, you can install any malicious thing you want without knowing the admin password.

it is not only about @Razer.. it is possible for all.. just another priv_escalation with @SteelSeries https://t.co/S2sIa1Lvjv pic.twitter.com/E3NPQnxqo2

— Lawrence 勞倫斯 (@zux0x3a) August 23, 2021

SteelSeries says it has fixed the problem by disabling the automatic software installation. The company is working on a permanent fix, but in the meantime, users will have to install their peripheral’s software manually. That doesn’t seem like a huge inconvenience, though. This should serve as a reminder that any device that requires a bulky software suite to manage is a potential security issue.

SteelSeries certainly should have detected this vulnerability, and the same goes for Razer, but Microsoft is not blameless. The way Windows proactively installs these software packages is starting to look like the real issue. Perhaps it’s not a good idea to build the OS in such a way that a USB device can trigger an easily hijacked installation dialog. Luckily, you can mitigate this problem with a quick trip to the settings. The toggle you’re looking for is buried in the Windows 10 Control Panel, but you can just search for “Change device installation settings.” Turn it off, and peripherals won’t be able to trigger software installations. The drawback is that you’ll have to go hunt down the proper software and install it yourself.

Continue reading

The Best Smart Home Security Systems
The Best Smart Home Security Systems

Once a niche business with a few traditional players and some startups, home security systems are now a major battleground for not just security companies, but several internet giants. We round up highlights of the most popular options for 2020.

Microsoft: Pluton Chip Will Bring Xbox-Like Security to Windows PCs
Microsoft: Pluton Chip Will Bring Xbox-Like Security to Windows PCs

Intel, AMD, and Qualcomm are working to make Pluton part of their upcoming designs, which should make PCs more difficult to hack, but it also bakes Microsoft technology into your hardware.

Security Researcher: ‘solarwinds123’ Password Left Firm Vulnerable in 2019
Security Researcher: ‘solarwinds123’ Password Left Firm Vulnerable in 2019

SolarWinds, the company at the center of the massive hack that hit US government agencies and corporations, doesn't exactly use cutting-edge password techniques.

A File Sharing App With 1 Billion Downloads Has a Major Security Flaw
A File Sharing App With 1 Billion Downloads Has a Major Security Flaw

Trend Micro says SHAREit is a security nightmare that could allow intruders to sneak a peek at your data or even install malware. Perhaps most troublingly, the developers have not responded to Trend Micro's warnings.