Huawei MateBook Laptops Flaw Worked Like NSA-Style Backdoor Access

Share on Facebook Tweet Share Reddit Comment
Huawei MateBook Laptops Flaw Worked Like NSA-Style Backdoor Access

The security flaw on MateBook laptops was nothing but a Huawei-written driver

Highlights
  • Huawei patched the security flaw in January
  • Microsoft's security team was able to detect the loophole
  • It is alleged to have "hallmarks of a 'backdoor'" built by NSA

Huawei has patched a security flaw on some of its MateBook laptop models that could have been used to take user control. The vulnerability that was fixed by the Chinese company back in January and was detailed by Microsoft late last month was related to a preloaded software called PCManager. It appeared to act as a watchdog -- following a technique originally used by the National Security Agency (NSA) in the US. Microsoft's Windows 10 Defender Advanced Threat Protection (ATP) was able to spot the problem on Huawei machines. The latest discovery comes just days after a UK government report highlighted "serious vulnerabilities" in various Huawei devices.

As noted by Ars Technica, the vulnerability wasn't a typical malware or a bug, instead, it was a Huawei-written driver that was acting as a watchdog to monitor the system through a regular user mode service. If the service is crashed or stopped running, the driver had the capability to restart it.

The security team at Microsoft was able to detect the issue -- thanks to an alert raised by the Windows 10 ATP. "We traced the anomalous behaviour to a device management driver developed by Huawei," Microsoft Defender Research Team wrote in a blog post last month. "Digging deeper, we found a lapse in the design that led to a vulnerability that could allow local privilege escalation."

Huawei in January released a fix that was primarily updating the PCManager software to patch the security loophole.

However, concerns have been raised around how Huawei is designing its software to obtain backdoor access. A BBC report citing a computer security expert based at Surrey University underlines that the newly discovered flaw had the "hallmarks of a 'backdoor'" built by US's NSA to keep an eye on targets.

This is notably not the first time when Huawei has raised eyebrows for a serious security issue. Last week, a report published by a UK government-led board claimed "significant technical issues" and "underlying defects" in Huawei products it examined. The Shenzhen-based company is also facing US pressure over espionage fears.

Affiliate links may be automatically generated - see our ethics statement for details.
Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and subscribe to our YouTube channel.

Jagmeet Singh Tech journalist by profession, tech explorer by passion. Budding philomath. More
WhatsApp Privacy Setting for Group Invites Now Available via Android, iPhone Beta: Here's How to Install, Use
Battlefield V Gets In-Game Currency That You Can Buy With Real Money
 
 

Advertisement

 

Advertisement

© Copyright Red Pixels Ventures Limited 2019. All rights reserved.