Security News > 2021 > August > Razer bug lets you become a Windows 10 admin by plugging in a mouse
A Razer Synapse zero-day vulnerability has been disclosed on Twitter, allowing you to gain Windows admin privileges simply by plugging in a Razer mouse or keyboard.
When plugging in a Razer device into Windows 10 or Windows 11, the operating system will automatically download and begin installing the Razer Synapse software on the computer.
Need local admin and have physical access?- Plug a Razer mouse- Windows Update will download and execute RazerInstaller as SYSTEM- Abuse elevated Explorer to open Powershell with Shift+Right click.
As BleepingComputer has a Razer mouse available, we decided to test out the vulnerability and have confirmed that it took us about two minutes to gain SYSTEM privileges in Windows 10 after plugging in our mouse.
With that said, the bug is so easy to exploit as you just need to spend $20 on Amazon for Razer mouse and plug it into Windows 10 to become an admin.
When we plugged the Razer device into Windows 10, the operating system automatically downloaded and installed the driver and the Razer Synapse software.
News URL
Related news
- Windows 10 users urged to upgrade to avoid "security fiasco" (source)
- Microsoft to force install new Outlook on Windows 10 PCs in February (source)
- Windows 10 KB5049981 update released with new BYOVD blocklist (source)
- Microsoft ends support for Office apps on Windows 10 in October (source)
- Windows 11 24H2 now also offered to all eligible Windows 10 PCs (source)
- January Windows 10 preview update force installs new Outlook (source)
- Windows 10 KB5051974 update force installs new Microsoft Outlook app (source)