Skip to main content
  1. Home
  2. Computing
  3. News

Security vulnerability leaves Razer laptops vulnerable to hacks

By
Razer Blade Stealth 2019
Dan Baker/Digital Trends

Some of Razer’s gaming laptops are currently impacted by a vulnerability that could leave the devices open to attacks. As reported by The Register, a security vulnerability in the Intel processors on Razer laptops was first discovered by a security expert in late March — and could mean that hackers might be able to implant malware and cause harm to affected systems.

A similar vulnerability to the one impacting Razer laptops — code-named CVE-2018-4251 — had previously been discovered in Apple laptops. In that case, Apple failed to disable what is known as Intel Manufacturing Mode on the system motherboard before sending systems off to consumers. Patches, however, were eventually released in late October to address the issue.

Recommended Videos

A similar problem also now applies to Razer laptops as, unlike Apple, the company apparently failed to initially spot or patch the vulnerability. It means that hackers who already hold administrative privileges could have the potential to modify the firmware on Razer gaming systems to infect with malware as they see fit. Hackers also could also change the firmware versions on the machines to hide malicious viruses, or even initiate the impacts from Meltdown vulnerability found in Intel’s chipsets. In both cases, any attacks from hackers would also be hard to spot by antivirus software — or even remove it.

Related

“Razer has been alerted to certain Intel Management Engine vulnerabilities in the Intel chipsets of several Razer laptop models. To address this issue, Razer laptops will ship from the factory with an update to remove these vulnerabilities,” Razer said in a statement.

According to Razer, products impacted by this vulnerability include the Base model of the 2018 Razer Blade 15, and also the 2018 and 2019 Razer Blade Advanced. Another model impacted is the 2018 Razer Blade Stealth 13. A software tool is being provided to apply an update to patch the issue with the Intel Management Engine, and it is being recommended for concerned users to approach Razer support for any assistance.

Razer is not alone when it comes to security vulnerabilities. Previously in 2016, a security researcher identified a Unified Extensible Firmware Interface (UEFI) bug in Lenovo’s ThinkPad System Management Mode (SMM) that would allow an attacker to bypass Windows’ security protocols.

Updated on April 3, 2019: Added a statement from Razer, link to the software tool, and more information on impacted models 

Editors’ Recommendations

Topics
Arif Bacchus
Arif Bacchus
Computing Writer
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…
No, 1Password wasn’t hacked – here’s what really happened
A person using the 1Password password manager on a laptop while sat on a couch.

Password managers have been struggling with security breaches in recent months, with LastPass suffering a particularly bad hack as a notable example. So when 1Password users got an alert last week saying their Secret Keys and passwords had been changed without their knowledge, they were understandably panicked. Luckily, all was not what it seemed.

That’s because AgileBits, the company behind 1Password, has just explained exactly what went wrong during that event. And while it wasn’t as bad as everyone first thought, it still doesn’t paint AgileBits in a particularly good light.

Read more
Is macOS more secure than Windows? This malware report has the answer
A person using a laptop with a set of code seen on the display.

It’s a long-held belief that Macs are less at risk of malware and viruses than Windows PCs, but how true is that? Well, a new report has shed some light on the situation -- and the results might surprise you.

According to threat research firm Elastic Security Labs, roughly 39% of all malware infections happen on Windows PCs. In good news for Apple fans, only 6% of breaches occurred on macOS, making Mac systems far less vulnerable than their Windows counterparts.

Read more
Secondhand routers may be a serious security concern
A Wi-Fi router with an ethernet cable plugged in.

Security researchers have publicly revealed findings in a study that uncovered that more than half of the enterprise routers sold secondhand to online resellers, such as eBay, had not been factory reset and wiped of their data. This means the devices still contained sensitive company information from their previous owners when they were resold.

Researchers from the security firm ESET plan to showcase their study at the RSA security conference in San Francisco next week, but told Wired that they were able to uncover data of the enterprise organizations from the secondhand routers, including "network information, credentials, and other confidential data," with no major effort.

Read more