Microsoft spots critical flaw in Huawei's Matebook device manager driver
Huawei is currently facing serious allegations regarding its links to the Chinese espionage services. The U.S. along with an increasing number of states across the world are now looking to ban any hardware manufactured by Huawei, including the upcoming 5G infrastructure. At first, some Huawei handsets were suspected of integrating spying hardware that sent all voice recordings to Chinese government servers, but new evidence brought up by Microsoft shows that laptops from the Matebook series might have been “equipped” with backdoor-like software that allowed remote system access.
Microsoft stated that the security flaws found in the Huawei Matebook laptops were discovered through the Windows Defender ATP kernel sensors, which managed to trace the vulnerability back to a management driver installed by default on the portable devices. Apparently, Huawei’s driver that is provided in order to facilitate remote device management also enabled access to the lowest levels of the Windows 10 OS, thus allowing for backdoor-like attacks that can potentially lead to ransomware scenarios similar to WannaCry.
It is interesting to point out that Microsoft discovered the security flaw in Huawei’s Matebook laptops back in January and chose not to alert the media at that point, probably in order to avoid further escalation of the allegations. Microsoft contacted Huawei directly and the vulnerability was patched soon after.