You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Every Friday
GamesRadar+
Your weekly update on everything you could ever want to know about the games you already love, games we know you're going to love in the near future, and tales from the communities that surround them.
Every Thursday
GTA 6 O'clock
Our special GTA 6 newsletter, with breaking news, insider info, and rumor analysis from the award-winning GTA 6 O'clock experts.
Every Friday
Knowledge
From the creators of Edge: A weekly videogame industry newsletter with analysis from expert writers, guidance from professionals, and insight into what's on the horizon.
Every Thursday
The Setup
Hardware nerds unite, sign up to our free tech newsletter for a weekly digest of the hottest new tech, the latest gadgets on the test bench, and much more.
Every Wednesday
Switch 2 Spotlight
Sign up to our new Switch 2 newsletter, where we bring you the latest talking points on Nintendo's new console each week, bring you up to date on the news, and recommend what games to play.
Every Saturday
The Watchlist
Subscribe for a weekly digest of the movie and TV news that matters, direct to your inbox. From first-look trailers, interviews, reviews and explainers, we've got you covered.
Once a month
SFX
Get sneak previews, exclusive competitions and details of special events each month!
Recently, a white hat hacker discovered an odd exploit which allows you to give yourself full admin rights on a Windows 10 PC just by plugging in a Razer mouse and installing Razer Synapse. It turns out it's not just Razer products that can do this, though.
Best CPU for gaming: the top chips from Intel and AMD
Best graphics card: your perfect pixel-pusher awaits
Best SSD for gaming: get into the game ahead of the rest
Twitter user @zux0x3a discovered a similar exploit with SteelSeries headsets, mice, and keyboards. Like with the Razer products, the problem lies with the hardware's proprietary software that gives itself system-wide privileges without asking for the system administrator's permission. Theoretically, someone could go to your workplace PC when you're not around and plug in the dongle for a wireless Razer or SteelSeries mouse, install Synapse or SteelSeriesGG, and gain full system privileges, which could wreak havoc on a corporate network if they mean to do harm.
it is not only about @Razer.. it is possible for all.. just another priv_escalation with @SteelSeries https://t.co/S2sIa1Lvjv pic.twitter.com/E3NPQnxqo2August 23, 2021
Initially, the fault was thought to be with Razer or SteelSeries. But as Tom's Guide points out, this is more of a Windows issue: It can't distinguish between hardware drivers (things that usually don't need admin permissions) and peripheral software (which do).
For the moment, the recommendation if you want your PC to be locally secure (this only works if someone has physical access) is to make sure your screen is locked while you're away, and to find the Windows Device Installations Settings prompt (search for it from the Start menu) where you can tell Windows not to automatically download hardware manufacturer apps and custom icons. (With that setting turned off, you may run into minor issues the next time you plug in a new device.)
A spokesperson for SteelSeries told to our friends over at Tom's Guide:
"We are aware of the issue identified and have proactively disabled the launch of the SteelSeries installer that is triggered when a new SteelSeries device is plugged in. This immediately removes the opportunity for an exploit, and we are working on a software update that will address the issue permanently and be released soon."
