Notebookcheck
, , , , , ,
search relation.
, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
 

Razer's laptops confirmed to be affected by critical vulnerability

Razer is now working on a fix for the affected models released prior to 2016. (Source: Razer)
Razer is now working on a fix for the affected models released prior to 2016. (Source: Razer)
Razer issued fixes for all the models launched from 2016 onward, but owners of the Blade and Blade Pro models released prior to 2016 will have to wait for a few more weeks to get the fixes. The vulnerability is identical to the early 2018 CVE-2018-251 backdoor that affected Apple's MacBooks, which were sold with the Manufacturing Mode still enabled.
Bogdan Solca,

Working For Notebookcheck

Are you a techie who knows how to write? Then join our Team! English native speakers welcome!

News Writer - Details here

It might be pure coincidence, but it looks like more and more devices assembled on Chinese territories tend to come with some sort of vulnerability. Apart from Huawei’s handheld and laptop devices that are suspected to come with backdoors or exploits planted by the Chinese intelligence, one may remember Apple’s MacBook security flaws from early 2018, or the reports of HMD’s Nokia devices that were secretly sending user information to remote Chinese servers. According to a late March report, Razer’s laptops have also been found to be plagued with security vulnerabilities, and the company already stated that it is aware of these problems.

The security breaches in Razer’s laptops were first reported on seclists.org by Bailey Fox, who described the vulnerability as allowing “for attackers to safeguard rootkits with Intel Boot Guard, downgrade the BIOS to exploit older vulnerabilities such as Meltdown, and many other things." Fox also points out that this flaw seems to be identical to the CVE-2018-251 backdoor found on Apple’s MacBooks in early 2018. Back then, the Apple devices were discovered to have the Manufacturing Mode still enabled. This issue was not disclosed until June 2018 and Apple stated that it fixed the vulnerability in the High Sierra 10.13.4 version of its macOS released in March 2018.

The Razer case is a bit different. Fox disclosed the issue on March 21 and Razer only released firmware fixes on April 6, leaving all its laptop models vulnerable to attacks for a bit over 2 weeks. Tom’s Hardware reports that Razer managed to release firmware updates for all its models launched from 2016 onward. However, all previous models are still affected and "a software tool is being developed and will be available within a few weeks." Furthermore, Razer released a list with the affected models and all customers are kindly advised to reach out to Razer through its support page on the official website.

, , , , , ,
search relation.
, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
 
Laptop families and product codes for the affected models (Source: Tom's Hardware)
Laptop families and product codes for the affected models (Source: Tom's Hardware)
static version load dynamic
Loading Comments
Comment on this article
Bogdan Solca
Bogdan Solca - Senior Tech Writer - 1565 articles published on Notebookcheck since 2017
I first stepped into the wondrous IT&C world when I was around seven years old. I was instantly fascinated by computerized graphics, whether they were from games or 3D applications like 3D Max. I'm also an avid reader of science fiction, an astrophysics aficionado, and a crypto geek. I started writing PC-related articles for Softpedia and a few blogs back in 2006. I joined the Notebookcheck team in the summer of 2017 and am currently a senior tech writer mostly covering processor, GPU, and laptop news.
contact me via: Facebook
Please share our article, every link counts!
> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2019 04 > Razer's laptops confirmed to be affected by critical vulnerability
Bogdan Solca, 2019-04- 9 (Update: 2019-04- 9)