Posted on Friday, Aug 27 2021 @ 14:27 CEST by Thomas De Maesschalck
Earlier this week, news hit the web about a vulnerability in Razer's drivers that easily allows a local user to gain administrative rights
. At the time, there was speculation about a high likelihood of devices from other brands having similar vulnerabilities. It turns out the speculation was accurate as a similar escalation of privilege vulnerability is possible with SteelSeries devices. SteelSeries has issued a fix but it looks like this is more of an issue with Windows that facilitates this type of attack too easily:
Windows users around the world were looking warily at their Razer peripherals earlier this week. That’s when a security researcher noted the devices could be used to gain administrator privileges on Windows, and it turns out Razer is not alone. The same vulnerability exists in the SteelSeries ecosystem. Simply plugging in one of these devices grants the ability to install software without logging in as an admin. SteelSeries says it’s fixed the issue, but this is starting to feel like it’s more Microsoft’s fault than anyone else.