Earlier this week, we learned that a security bug has been found in Razer's peripheral companion software, Synapse. The issue allows for admin privileges to be granted without authentication. Razer has now responded, confirming that a fix is on the way soon to mitigate this issue.
The bug itself could be exploited during the Razer Synapse installation process and requires physical access to the PC. Razer is making changes to the Synapse installation application to fix the issue.
In a statement, a Razer spokesperson said: “We were made aware of a situation in which our software, in a very specific use case, provides a user with broader access to their machine during the installation process. We have investigated the issue, are currently making changes to the installation application to limit this use case, and will release an updated version shortly. The use of our software (including the installation application) does not provide unauthorized third-party access to the machine.”
“We are committed to ensuring the digital safety and security of all our systems and services, and should you come across any potential lapses, we encourage you to report them through our bug bounty service, Inspectiv.”
If you're using Razer Synapse, then there should be an update coming your way soon. Discuss on our Facebook page, HERE.
KitGuru Says: Razer has a bug bounty program, so if you ever happen to stumble across an issue, be sure to report it.