Razer mice could let strangers take over your Windows 10 PC


UPDATE, 8/23: A Razer spokesperson got in touch with Tom's Guide to issue the following statement:

"We were made aware of a situation in which our software, in a very specific use case, provides a user with broader access to their machine during the installation process. 

"We have investigated the issue, are currently making changes to the installation application to limit this use case, and will release an updated version shortly. The use of our software (including the installation application) does not provide unauthorized third-party access to the machine. 

"We are committed to ensuring the digital safety and security of all our systems and services, and should you come across any potential lapses, we encourage you to report them through our bug bounty service, Inspectiv: https://app.inspectiv.com/#/sign-up."

ORIGINAL: Razer makes some excellent gaming mice, from the versatile Razer DeathAdder V2, to the diminutive Razer Orochi V2. But while the peripherals themselves are beyond reproach, the software could leave a big hole in your PC’s defenses. A security researcher recently discovered that he could trick the Razer Synapse software into thinking he had full admin access in Windows 10, and the trick is easy to replicate. The bad news is that there’s no fix yet, but the good news is that the risk for most users seems minimal.

Information comes from Windows enthusiast site MSPoweruser, reporting on a Twitter thread from security researcher “jonhat.” In a short video, jonhat demonstrates an escalation-of-privilege flaw inherent to Razer mice. If exploited, this flaw lets a malefactor access any Windows 10 PC as an administrator, rather than a limited user. Once that happens, they could steal files or install malware.

Before we get into the specifics of how the vulnerability works, there are two important pieces of information to keep in mind. First and foremost, Razer does not yet have a patch for this flaw. The company patches its Synapse software frequently, so expect an update soon. Until then, however, it’s up to users to protect their own machines.

That brings us to the second point: the flaw is relatively impractical to exploit in everyday circumstances. To gain admin access via a Razer mouse, a malefactor needs physical access to a PC. That means a stranger would need to be in your home or your workplace, unsupervised, and have a Razer mouse or dongle handy. This could admittedly happen in a shared workplace, but it would take a lot of effort and coordination to pull off.

In any case, here’s how the flaw works: First, a malefactor plugs a Razer mouse into a Windows 10 PC. Assuming that Synapse isn’t already installed, the mouse will run an EXE called “RazerInstaller.” The vulnerability lies in the fact that RazerInstaller runs as SYSTEM rather than an individual user account.

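During setup, the installer lets the user pick a location to install Synapse, which opens a Windows Explorer dialog. Because that dialog belongs to a process running as SYSTEM, a PowerShell window launched from it inherits the same privileges, and from that command line the user can do, well, almost anything. A savvy command-line user can copy files, install software, or just flat-out wipe a PC.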

Technically speaking, you don’t even need a Razer mouse to replicate this flaw. Simply creating a USB drive that mimics a Razer mouse would suffice. As long as the RazerInstaller EXE runs from the USB drive, the rest of the vulnerability is relatively easy to exploit.
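For defenders, the chain described above (an installer running as SYSTEM that ends up as the ancestor of an interactive shell) is something process-creation logs can surface. The sketch below is an added example, not code from the researcher or from Razer; it assumes Sysmon-style field names and the file name "RazerInstaller.exe", and the sample events and installer path are constructed placeholders.

```python
import ntpath

SYSTEM = "NT AUTHORITY\\SYSTEM"
SHELLS = {"powershell.exe", "pwsh.exe", "cmd.exe"}

def ev(pid, ppid, user, image):
    # Field names follow Sysmon's process-creation event (Event ID 1).
    return {"ProcessId": pid, "ParentProcessId": ppid, "User": user, "Image": image}

# Constructed sample events; the installer path is a placeholder, not Razer's real path.
SAMPLE_EVENTS = [
    ev(612, 4, SYSTEM, r"C:\Windows\System32\services.exe"),
    ev(900, 612, SYSTEM, r"C:\Windows\System32\svchost.exe"),
    ev(4120, 900, SYSTEM, r"C:\PLACEHOLDER\RazerInstaller.exe"),
    ev(5200, 4120, SYSTEM, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"),
    ev(5300, 5200, SYSTEM, r"C:\Windows\System32\cmd.exe"),
    ev(6100, 3000, r"DESKTOP\alice", r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"),
    ev(7000, 900, SYSTEM, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"),
]

def name(path):
    # Lower-cased file name of a Windows path, regardless of the host OS.
    return ntpath.basename(path).lower()

def find_system_shells(events, installer="razerinstaller.exe"):
    """Return (shell_pid, shell_name, installer_pid) for every SYSTEM shell
    that has the installer somewhere in its parent chain."""
    by_pid = {e["ProcessId"]: e for e in events}
    hits = []
    for e in events:
        if e["User"].upper() != SYSTEM or name(e["Image"]) not in SHELLS:
            continue
        seen = set()
        parent = by_pid.get(e["ParentProcessId"])
        while parent and parent["ProcessId"] not in seen:  # guard against pid loops
            if name(parent["Image"]) == installer:
                hits.append((e["ProcessId"], name(e["Image"]), parent["ProcessId"]))
                break
            seen.add(parent["ProcessId"])
            parent = by_pid.get(parent["ParentProcessId"])
    return hits

if __name__ == "__main__":
    for pid, shell, installer_pid in find_system_shells(SAMPLE_EVENTS):
        print(f"ALERT: {shell} (pid {pid}) running as SYSTEM under installer pid {installer_pid}")
```

The ordinary user's PowerShell and the SYSTEM PowerShell started by an unrelated service are not flagged; only shells that descend from the installer are.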

Luckily, Razer Synapse updates automatically by default, so once Razer puts out a patch, most users should get it without any extra effort. Microsoft can also remove the faulty driver from Windows Update, and replace it with a newer one when available. In the meantime, however, make sure you keep your PC — and your Razer mice — to yourself.

Marshall Honorof

Marshall Honorof is a senior editor for Tom's Guide, overseeing the site's coverage of gaming hardware and software. He comes from a science writing background, having studied paleomammalogy, biological anthropology, and the history of science and technology. After hours, you can find him practicing taekwondo or doing deep dives on classic sci-fi. 

  • BEAUFORD_SAVAGE
    "but only if they can be there in-person"
    Then don't let anyone in a hoodie use your computer. On TV all hackers wear hoodies with the hood up.
    Or change mouse.