Cyberattackers are using zero-day vulnerabilities in the popular Razer Synapse software to gain system privileges by simply plugging in a Razer mouse or keyboard to a computer. A zero-day vulnerability is an issue that was discovered by attackers before the software vendor has become aware of it.
Razer manufacture high end peripherals (such as keyboards and mice), optimized for specific uses. This makes them very popular among PC enthusiasts and gamers. The Synapse software, affected by the bug, is used to customise Razer hardware devices, such as set up keyboard shortcuts or program dedicated buttons.
Upon plugging in a Razer device to the Windows 10 or 11 operating system the plug-and-play installer will automatically begin to download the Razer Synapse software onto the computer.
Security researcher jonhat discovered the bug in the plug-and-play Razer Synapse installation that allows users to gain system privileges of the computer very quickly.
System privileges are the highest user rights available, which means that any user account with these rights can execute (run) any command on the computer. Cyberattackers strive to have these rights as it will allow them to install whatever malicious software they like without windows being able to block it. This malicious software (malware) could allow the Cyberattackers to access, modify or delete sensitive business information such as emails or any other file stored or accessed on the computer.
Exploits like this are relatively uncommon and could be discovered by a Cyberattacker at any time. Therefore, it is important to keep up to date with the security status of software installed on your business computers. We recommend not installing software you aren’t certain you need and to make sure to always keep it up to date, so patches like this are not accessible on your system.
Follow Cyber Wise on Twitter @cyber-wise and visit our website to see what we could do to help make your business safer online.