Disable third-party antivirus programs/Windows Defender firewall.Reinstalling the Razer Synapse and Razer Device Drivers.How to Repair Razer Synapse that won’t open in Windows 10.Why Razer Synapse won’t open on Windows 10.In the meantime, however, make sure you keep your PC - and your Razer mice - to yourself. Microsoft can also remove the faulty driver from Windows Update, and replace it with a newer one when available. Luckily, Razer Synapse updates automatically by default, so once Razer puts out a patch, most users should get it without any extra effort.
As long as the RazerInstaller EXE runs from the USB drive, the rest of the vulnerability is relatively easy to exploit. Simply creating a USB drive that mimics a Razer mouse would suffice. Technically speaking, you don’t even need a Razer mouse to replicate this flaw. A savvy Command Prompt user can copy files, install software, or just flat-out wipe a PC. Once Windows Explorer is open, they can then run Powershell and use the Command Prompt to do, well, almost anything. Assuming that Synapse isn’t already installed, the mouse will run an EXE called “RazerInstaller.” The vulnerability lies in the fact that RazerInstaller runs as SYSTEM rather than an individual user account.Īs such, a user can pick a location to install Synapse. In any case, here’s how the flaw works: First, a malefactor plugs a Razer mouse into a Windows 10 PC. This could admittedly happen in a shared workplace, but it would take a lot of effort and coordination to pull off.
That means a stranger would need to be in your home or your workplace, unsupervised, and have a Razer mouse or dongle handy.
To gain admin access via a Razer mouse, a malefactor needs physical access to a PC. That brings us to the second point: the flaw is relatively impractical to exploit in everyday circumstances. Until then, however, it’s up to users to protect their own machines. The company patches its Synapse software frequently, so expect an update soon. First and foremost, Razer does not yet have a patch for this flaw. Before we get into the specifics of how the vulnerability works, there are two important pieces of information to keep in mind.
0 kommentar(er)
