Razer – perfectly happy to sell you a laptop for over $2,000, but when it comes to fixing security holes... tough sh*t

Slack motherboard firmware controls leave machines open to deep-rooted malware

Updated Gaming PC specialist Razer has been singled out for leaving its motherboards vulnerable to a well-known and critical firmware vulnerability.

Infosec bod Bailey Fox said Razer's Intel notebook models are still vulnerable to CVE-2018-4251, a security screw-up that potentially allows malware with administrative rights to alter the system's firmware, thus allowing it to burrow deep into the PC and survive reboots and hard drive wipes. The issue has been known about since last year, and has been patched by manufacturers, but not by Razer, it seems.

"Razer has a vulnerability affecting all current laptops, where the SPI flash is set to full read/write and the Intel CPU is left in ME Manufacturing Mode," Fox explained late last month.

"This allows for attackers to safeguard rootkits with Intel Boot Guard, downgrade the BIOS to exploit older vulnerabilities such as Meltdown, and many other things."

The CVE-2018-4251 weakness was documented in public last June, after bug-hunters spotted that some Apple machines shipped with Intel's Management Engine (ME) manufacturing mode left enabled, rather than disabled. System builders are supposed to write their core firmware to the motherboard flash then disable manufacturing mode.
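An added example (not from the article or from any vendor tool) that decodes the two register values a defender would check on an Intel notebook: the ME Host Firmware Status 1 register (HFSTS1, whose bit 4 is the Manufacturing Mode flag) and the PCH BIOS control register (BIOS_CNTL, carrying the BIOSWE, BLE and SMM_BWP write-protection bits). The register values below are constructed; in practice they are obtained with a tool such as chipsec or `setpci`, and the exact PCI device and offset they live at vary by chipset generation, so the reading step is deliberately left out.

```python
"""Decode ME HFSTS1 and BIOS_CNTL values to spot the CVE-2018-4251 state.

Register bit positions follow Intel's public PCH/ME documentation; the
sample register values used in the demo are constructed, not captured.
"""
from dataclasses import dataclass
from typing import List

HFSTS1_MFG_MODE = 1 << 4   # ME Manufacturing Mode flag in HFSTS1
BC_BIOSWE = 1 << 0         # BIOS Write Enable: host may write the BIOS region
BC_BLE = 1 << 1            # BIOS Lock Enable: setting BIOSWE raises an SMI
BC_SMM_BWP = 1 << 5        # SMM BIOS Write Protect: writes only from SMM


@dataclass(frozen=True)
class FirmwareState:
    mfg_mode: bool
    bios_write_enabled: bool
    bios_lock_enabled: bool
    smm_bios_wp: bool

    @property
    def flash_write_protected(self) -> bool:
        # Host writes are blocked only when BIOSWE is clear and both locks are set.
        return (not self.bios_write_enabled) and self.bios_lock_enabled and self.smm_bios_wp


def decode(hfsts1: int, bios_cntl: int) -> FirmwareState:
    """Split the raw 32-bit HFSTS1 and 8-bit BIOS_CNTL values into named flags."""
    return FirmwareState(
        mfg_mode=bool(hfsts1 & HFSTS1_MFG_MODE),
        bios_write_enabled=bool(bios_cntl & BC_BIOSWE),
        bios_lock_enabled=bool(bios_cntl & BC_BLE),
        smm_bios_wp=bool(bios_cntl & BC_SMM_BWP),
    )


def findings(hfsts1: int, bios_cntl: int) -> List[str]:
    """Return the list of weaknesses present; an empty list means both checks pass."""
    state = decode(hfsts1, bios_cntl)
    out = []
    if state.mfg_mode:
        out.append("ME Manufacturing Mode left enabled (HFSTS1 bit 4 set)")
    if not state.flash_write_protected:
        out.append("BIOS flash region writable from the host (BIOS_CNTL locks not set)")
    return out


if __name__ == "__main__":
    # Constructed values: a shipped-in-manufacturing-mode machine vs. a locked one.
    for label, hfsts1, bc in (("unlocked", 0x90000255, 0x01), ("locked", 0x90000245, 0x22)):
        print(label, findings(hfsts1, bc) or ["OK"])
```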

If you have a software nasty on your computer with admin rights, it's already a game-over situation: the code can spy on you, steal your data, and so on, and your next option is to delete the malware or wipe your storage and start from a clean backup. However, with the ability to write to and bury itself in your motherboard firmware via this left-open mode, the malware could ensure it survives a drive wipe or change, and evades detection from antivirus tools.

Such was the worry in October of last year when Apple moved to issue a security update to close the vulnerability in its gear.

If Fox is to be believed, and there is no reason to doubt the researcher, then Razer machines would be left open to similar types of attack. What's worse, Fox claims to have been in contact with Razer, only to have the company decline to acknowledge and put out a fix for the issue.

The Register asked Razer for its side of the story, but at the time of publication we have yet to hear back from the gaming hardware giant.

In the meantime, gamers should be wary of attacks, but there is no reason to panic.

As we already stated, exploiting this bug would require the aggressor to have local admin-level access to the machine, and if a miscreant is running privileged code on your PC, there are about a thousand other things you'll want to worry about before considering the integrity of your mobo firmware. ®

Updated to add

"Razer has been alerted to certain Intel Management Engine vulnerabilities in the Intel chipsets of several Razer laptop models," the laptop maker told The Register.

"To address this issue, Razer laptops will ship from the factory with an update to remove these vulnerabilities. For currently shipped products, Razer has provided a software tool to apply this update."

It confirmed the affected Razer laptop models are the Blade 15 (Advanced model - 2018, 2019, Base model - 2018), and Blade Stealth 13 (2019). We're told the Razer Blade Stealth (2017) is also affected.