About

SteelSeries software hit by zero-day vulnerability

Steelseries software is vulnerable and causes privilege escalation attack on the Windows 10 local computer. SteelSeries provides gaming keyboards, and the SteelSeries software is the driver software to run the gaming keyboard. The privilege escalation happens through installation of malicious code on the local workstation during the installation process of the SteelSeries software. Subsequent to the zero-day attack, the attacker assumes administration rights on the local computer.

Steelseries Gaming Keyboard

The credit for detecting the vulnerability goes to 0xsp’s Lawrence Amer, and although he tried demonstrating the vulnerability to the folks at SteelSeries, he was unable to make any headway. The software remains impacted, and poses serious security challenge on the Windows 10 workstations.

The malicious code will install on the local computer when you download the SteelSeries software during the course of installation. During the install process, you are given an option to read about the license terms and there is an option to click on ‘Learn More’. If the user clicks on the ‘Learn More’ button, the install process downloads another file on to the computer. This malicious code results in a privilege-escalation attack, wherein the local administrator account is taken over. You can read more about the exact process that causes the local workstation to be compromised with the malicious code in Lawrence’s security test note.

The vulnerability remains unfixed. We will suggest keeping an eye on the SteelSeries software. May be, avoid it for now till the time we have a security patch in place to handle the privilege escalation attacks on your Windows 10 system.