Quote:It’s not just Razer’s mice and keyboards that gobble up Windows 10’s tip-top, admin-level SYSTEM privileges: A SteelSeries bug also tosses off Windows 10 admin rights if you just plug in a device.
… Or, then again, you can save yourself some cash by simply tricking an Android phone into thinking a local privilege-escalation (LPE) testing script is a real human.
… Or, at least, it did work, until SteelSeries – a Danish manufacturer of gaming peripherals and accessories such as headsets, keyboards, mice, controllers and mousepads – patched the bug. The bug could be leveraged during the device setup process, by using a link in the License Agreement screen that opened with SYSTEM privileges.
0xsp research team leader Lawrence Amer published the bug on Monday, and BleepingComputer reported about it on Tuesday. SteelSeries later responded, telling the outlet that the company was aware of the issue and that it had removed the risk of exploitation by preventing the installation software from launching on plugging in a SteelSeries device.
The statement it sent to BleepingComputer: “We are aware of the issue identified and have proactively disabled the launch of the SteelSeries installer that is triggered when a new SteelSeries device is plugged in. This immediately removes the opportunity for an exploit and we are working on a software update that will address the issue permanently and be released soon.”
Read more: Win10 Admin Rights Tossed Off by Yet Another Plug-In
![[-]](https://www.geeks.fyi/images/collapse.png)
