Security News > 2021 > August > Razer bug lets you become a Windows 10 admin by plugging in a mouse
A Razer Synapse zero-day vulnerability has been disclosed on Twitter, allowing you to gain Windows admin privileges simply by plugging in a Razer mouse or keyboard.
When plugging in a Razer device into Windows 10 or Windows 11, the operating system will automatically download and begin installing the Razer Synapse software on the computer.
Need local admin and have physical access?- Plug a Razer mouse- Windows Update will download and execute RazerInstaller as SYSTEM- Abuse elevated Explorer to open Powershell with Shift+Right click.
As BleepingComputer has a Razer mouse available, we decided to test out the vulnerability and have confirmed that it took us about two minutes to gain SYSTEM privileges in Windows 10 after plugging in our mouse.
With that said, the bug is so easy to exploit as you just need to spend $20 on Amazon for Razer mouse and plug it into Windows 10 to become an admin.
When we plugged the Razer device into Windows 10, the operating system automatically downloaded and installed the driver and the Razer Synapse software.
News URL
Related news
- Windows 10 KB5055518 update fixes random text when printing (source)
- Bad luck, Windows 10 users. No fix yet for ransomware-exploited bug (source)
- Windows 10 KB5055612 preview update fixes a GPU bug in WSL2 (source)
- Microsoft silently fixes Start menu bug affecting Windows 10 PCs (source)
- M365 apps on Windows 10 to get security fixes into 2028 (source)
- Microsoft will update Office apps on Windows 10 until 2028 (source)
- Windows 10 KB5058379 update fixes SgrmBroker errors in Event Viewer (source)
- Windows 10 KB5058379 update triggers BitLocker recovery on some devices (source)
- Microsoft confirms May Windows 10 updates trigger BitLocker recovery (source)
- Windows 10 emergency updates fix BitLocker recovery issues (source)