It is always a bit of a shock when an easily exploitable way to gain SYSTEM or root-level privileges comes to light, especially for overworked, underpaid system administrators who have to get to work pronto before man+dog have a go.
And so our gast was flabbered this week by a Twitter post by ‘jonhat’ which showed that, just by installing a gaming component (mouse, keyboard, neural link etc.) from the gaming accessory company Razer, it is possible to achieve God-like privileges on standard configuration Windows 10 and 11 machines really very simply.
The issue is that, in its eagerness to please, Windows allows third-party components to download drivers from the manufacturer’s site. During this process, the installation allows the user to break out into a PowerShell window which, having been spawned from a SYSTEM-level process (the installer), is itself all powerful.
Yes, you heard that right. Your kid can now jack your home machine, the kids who work for you (even the 55-year-old ones) can jack their local machines and then do all sorts of carnage across the estate and more importantly, any hacker or Red Teamer with physical access to one of your machines can get the job done in no time and go back to watching Rick And Morty.
“The Razer & SteelSeries Windows PrivEsc vulns are fun, but there are tons of devices that may be vulnerable. We have a list of ~2500 possible devices! The easiest way to test is to use something like an OMG Cable or BashBunny to spoof the VID/PID.” — _MG_ (@_MG_) August 27, 2021
This ‘feature’ can be fixed using the Settings/System/About/Advanced system settings/Hardware/Device Installation Settings configuration pane or using your Windows management software of choice.
There is a comprehensive write-up of this issue here.
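For the detection side, the behaviour described above (a shell spawned from a SYSTEM-level installer on the user's desktop) can be hunted for in process-creation logs. The sketch below is an added example, not taken from the write-up: it assumes Sysmon Event ID 1 field names, and the events, host name and "VendorInstaller.exe" are constructed for illustration.

```python
# Added example: flag interactive shells running as SYSTEM in a user's desktop session.
# Field names follow Sysmon Event ID 1 (process creation); all events are constructed.
from ntpath import basename

SHELLS = {"powershell.exe", "pwsh.exe", "cmd.exe"}
SYSTEM_USER = "NT AUTHORITY\\SYSTEM"
PS_PATH = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"


def is_suspicious(event):
    """True when a shell runs as SYSTEM inside an interactive logon session."""
    return (
        basename(event["Image"]).lower() in SHELLS
        and event["User"].upper() == SYSTEM_USER
        # Session 0 hosts services; session 1 and above are user desktops.
        and int(event["TerminalSessionId"]) >= 1
    )


def find_system_shells(events):
    """Return (shell, parent) image names for every suspicious event."""
    return [(basename(e["Image"]), basename(e["ParentImage"]))
            for e in events if is_suspicious(e)]


# Constructed sample events; "VendorInstaller.exe" is a hypothetical name.
SAMPLE_EVENTS = [
    # Shell opened from a SYSTEM installer shown on the user's desktop.
    {"Image": PS_PATH, "ParentImage": r"C:\Windows\Installer\VendorInstaller.exe",
     "User": r"NT AUTHORITY\SYSTEM", "TerminalSessionId": "1"},
    # Ordinary user shell.
    {"Image": r"C:\Windows\System32\cmd.exe", "ParentImage": r"C:\Windows\explorer.exe",
     "User": r"DESKTOP-01\alice", "TerminalSessionId": "1"},
    # SYSTEM shell started by a service in session 0 (e.g. management tooling).
    {"Image": PS_PATH, "ParentImage": r"C:\Windows\System32\svchost.exe",
     "User": r"NT AUTHORITY\SYSTEM", "TerminalSessionId": "0"},
    # The installer itself: SYSTEM in session 1, but not a shell.
    {"Image": r"C:\Windows\Installer\VendorInstaller.exe",
     "ParentImage": r"C:\Windows\System32\svchost.exe",
     "User": r"NT AUTHORITY\SYSTEM", "TerminalSessionId": "1"},
]

if __name__ == "__main__":
    for shell, parent in find_system_shells(SAMPLE_EVENTS):
        print(f"ALERT: {shell} running as SYSTEM in a user session (parent: {parent})")
```

Only the first sample event is flagged; the session check is what keeps routine SYSTEM-run management scripts in session 0 from drowning out the alert.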
This week, the big friendly government of the United Kingdom announced that it would be overhauling privacy rules (e.g. GDPR) post-Brexit, a move that, if you believe the words of the Culture Secretary, will amongst other tremendous benefits ‘lead to an end to irritating cookie popups and consent requests online’.
How very, very thoughtful. One presumes that dropping the requirement for cookie acceptance banners, a move that is being considered (the requirement is in fact part of PECR, which predates GDPR), is entirely altruistic and will not be misused to track people by friend or foe.
Never mind then that a huge amount of time, effort and money went into these standards, agreed and ratified across the globe. As one of our esteemed colleagues said:
“Changes that threaten the UK’s adequacy decision from the EC put UK based hosting and processing of data at considerable risk and will waste 5 years plus of business investment in compliance with a world-leading privacy regime”.
The same old sage also said that the problem with PECR is that nobody understands it, and people call it GDPR. We can only hope that UKG takes appropriate advice before doing something monumentally stupid. And then we woke up.
Fresh from pulling security from far-flung lands, this week the POTUS held a cyber security session behind closed doors with the great and the good of large Information Technology businesses in order to gather support for improving American corporate security and putting an end to damaging ransomware attacks.
The meeting was followed by a flurry of breathless announcements which, in some cases, verged on the ludicrous and were obviously formulated by people adept and practiced at responding to RFPs. IBM, for instance, announced a product called ‘IBM Safeguarded Copy’ which, it turns out, is a snapshot backup regime that can minimise the time to restore in the event of an attack and has been around for pretty much ever.
What will come of this is anyone’s guess. We wonder what the mints, water and coffee were like at the big meeting. If ever there were a leveller, it is surely these things.
Here at Tiberium HQ we have been full steam ahead building more automation into our products and onboarding more customers. In a LinkedIn post this week, we pointed out that our FROST service starts at £375 per month for up to 50 endpoints. That is £7.50 per user, per month. About the cost of a pint in a central London pub these days.
We think you would be crazy not to have a look at our services, and we would really appreciate the chance to show them to you. Please contact us.
Now, the song. Razor is a song by the Foo Fighters. The first line is ‘Wake up it’s time’. Time to give us a call.