Huawei MateBook Laptops Flaw Worked Like NSA-Style Backdoor Access

Huawei MateBook Laptops Flaw Worked Like NSA-Style Backdoor Access

The security flaw on MateBook laptops was nothing but a Huawei-written driver

Highlights
  • Huawei patched the security flaw in January
  • Microsoft's security team was able to detect the loophole
  • It is alleged to have "hallmarks of a 'backdoor'" built by NSA

Huawei has patched a security flaw on some of its MateBook laptop models that could have been used to take user control. The vulnerability that was fixed by the Chinese company back in January and was detailed by Microsoft late last month was related to a preloaded software called PCManager. It appeared to act as a watchdog -- following a technique originally used by the National Security Agency (NSA) in the US. Microsoft's Windows 10 Defender Advanced Threat Protection (ATP) was able to spot the problem on Huawei machines. The latest discovery comes just days after a UK government report highlighted "serious vulnerabilities" in various Huawei devices.

As noted by Ars Technica, the vulnerability wasn't a typical malware or a bug, instead, it was a Huawei-written driver that was acting as a watchdog to monitor the system through a regular user mode service. If the service is crashed or stopped running, the driver had the capability to restart it.

The security team at Microsoft was able to detect the issue -- thanks to an alert raised by the Windows 10 ATP. "We traced the anomalous behaviour to a device management driver developed by Huawei," Microsoft Defender Research Team wrote in a blog post last month. "Digging deeper, we found a lapse in the design that led to a vulnerability that could allow local privilege escalation."

Huawei in January released a fix that was primarily updating the PCManager software to patch the security loophole.

However, concerns have been raised around how Huawei is designing its software to obtain backdoor access. A BBC report citing a computer security expert based at Surrey University underlines that the newly discovered flaw had the "hallmarks of a 'backdoor'" built by US's NSA to keep an eye on targets.

This is notably not the first time when Huawei has raised eyebrows for a serious security issue. Last week, a report published by a UK government-led board claimed "significant technical issues" and "underlying defects" in Huawei products it examined. The Shenzhen-based company is also facing US pressure over espionage fears.

Affiliate links may be automatically generated - see our ethics statement for details.
Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Jagmeet Singh writes about consumer technology for Gadgets 360, out of New Delhi. Jagmeet is a senior reporter for Gadgets 360, and has frequently written about apps, computer security, Internet services, and telecom developments. Jagmeet is available on Twitter at @JagmeetS13 or Email at jagmeets@ndtv.com. Please send in your leads and tips. More
WhatsApp Privacy Setting for Group Invites Now Available via Android, iPhone Beta: Here's How to Install, Use
Battlefield V Gets In-Game Currency That You Can Buy With Real Money

Related Stories

Share on Facebook Tweet Snapchat Share Reddit Comment
 
 

Advertisement

Advertisement

© Copyright Red Pixels Ventures Limited 2021. All rights reserved.
Listen to the latest songs, only on JioSaavn.com