BACKGROUND:
Jonhat on Twitter details the Zero-day admin escalation he found using Razer peripherals on Windows 10. He even includes a video example of the escalation. Excerpt:
Need local admin and have physical access?
– Plug a Razer mouse (or the dongle)
– Windows Update will download and execute RazerInstaller as SYSTEM
– Abuse elevated Explorer to open Powershell with Shift+Right click
Experts Comments
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.
Be part of our growing Information Security Expert Community (1000+), please register here.
Once used, forever vulnerable. All you have to do is plug in a Razer mouse dongle and Windows 10 will automatically download a driver that will elevate privileges to local admin. From there, it’s possible to install malware that can interact with other systems on the network. This is a zero-day vulnerability, in that there is no known fix for it from the vendor. An analytics-driven cybersecurity approach is likely to find this when it occurs through system and network log files and can flag
.....Read MoreOnce used, forever vulnerable. All you have to do is plug in a Razer mouse dongle and Windows 10 will automatically download a driver that will elevate privileges to local admin. From there, it’s possible to install malware that can interact with other systems on the network. This is a zero-day vulnerability, in that there is no known fix for it from the vendor. An analytics-driven cybersecurity approach is likely to find this when it occurs through system and network log files and can flag security professionals to investigate the offending computer. Otherwise, it can wreak havoc on the entire network.
Read LessLinkedin Message
@Saryu Nayyar, CEO, provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/win-10-admin-escalation-with-razor-bug-expert-insight
Facebook Message
@Saryu Nayyar, CEO, provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/win-10-admin-escalation-with-razor-bug-expert-insight