As long as you have physical access, ~$20 bypasses all that security.
Thanks to a bug in Razer’s device installer, Windows 10’s security measures are easily defeated by simply plugging in any Razer peripheral. This means for about $20 (around the price of a Razer Deathadder v2 gaming mouse), you can get past any measures a user set up, provided you have physical access to their PC.
The bug was noticed by white hat hacker jonhat (@j0nh4t) over on Twitter. Notably, his post also includes a video of it in action.
To put this in layman’s terms, since plugging in a Razer device requires the install process, and that process requires the opening of an explorer window, and that window has admin access because it needs to ask you where to install the drivers, all it takes is a new Razer device without drivers to bypass security (assuming I have all of this down right). BleepingComputer confirms this works, as well.
Coincidentally, a response in jonhat’s thread confirms that simply spoofing the vendor id will work, so that $20 price tag isn’t necessarily necessary. Another responder confirmed that it works with ROG devices for similar reasons regarding the installer.
For their part, Razer has made an statement (via ComputerBase):
We were made aware of a situation in which our software, in a very specific use case, provides a user with broader access to their machine during the installation process.
We have investigated the issue, are currently making changes to the installation application to limit this use case, and will release an updated version shortly. The use of our software (including the installation application) does not provide unauthorized third-party access to the machine.
We are committed to ensuring the digital safety and security of all our systems and services, and should you come across any potential lapses, we encourage you to report them through our bug bounty service, Inspectiv: https://app.inspectiv.com/#/sign-up.
But should you be worried about it? Probably not. Basic precautions, like not leaving your laptop unattended in public places, or not letting randos use your PC, will cover most of the issue. After all, the bug requires physical access to exploit it.
Microsoft has yet to comment on the issue. Which is intriguing, as presumably this could work in Windows 11, though no one has tried it yet.
Source: PC Gamer