Researchers at U.S. tech giant Microsoft recently revealed that they discovered a backdoor in certain Huawei laptop models that allowed unprivileged users to gain access to all laptop data.
The BackdoorMicrosoft published a blog post on March 25 that detailed how researchers found the backdoor on Huawei’s laptops and then proceeded to fix the loophole. Microsoft said that after it informed Huawei of the backdoor, the Chinese tech manufacturer released a patch on Jan. 9 to fix the vulnerabilities.
Microsoft did not specify when it discovered the backdoor.
All computers have a kernel, which is the core of the computer’s operating system and can completely control everything on the device.
But then Microsoft detected an “anomalous” injected code in the kernels of the Huawei laptop model, Matebook.
Upon further investigation, Microsoft engineers traced the code to a device management software called PCManager that is pre-installed onto Huawei Matebooks. The software had included a driver that would allow unprivileged users to upgrade their access level to senior privilege. If these unprivileged users escalate to the highest Ring-0 privilege, they can visit all data on the computer and its connected computing system. If a third party gains access and inserts malware, it could ruin the computer’s operating system.
A computer’s user privilege has four levels. Ring-0 privilege in the kernel is the highest and allows users to control every hardware and software.
Microsoft reported the vulnerability to Huawei, and built a “detection mechanism that would raise an alert for any successful privilege escalation” in Matebooks, the blog explained.
Soon after, Microsoft engineers found another backdoor in the Matebook: the same unsafe driver provided a capability for unprivileged users to directly access all data without having to upgrade privilege levels.
On Jan. 9, Huawei released a fix for these two vulnerabilities.
"Huawei vehemently rejects any suggestion or inference that 'backdoors' exist in the development or delivery of any of our products or service," the statement read.
Huawei’s RecordThe company, one of the world’s largest manufacturer of telecommunications equipment, smartphones, and other electronic devices, has come under fire for its close ties to the Chinese regime, which the U.S. and other governments have warned could mean its products have backdoors that allow the Chinese regime access to spy on people overseas.
Huawei has continually denied those claims, including by reasoning that no backdoor incident has ever been detected. Though this latest Microsoft incident does not appear to involve the Chinese regime, there have been documented cases demonstrating Huawei’s liability.
The think tank pointed out that while it is possible Huawei was not aware of the alleged data theft, the company’s obliviousness would itself be cause for a “national security concern.”
The United States, Australia, New Zealand, and Japan have banned Huawei from its markets, citing security concerns. Several European mobile operators have also recently announced that they would not use Huawei’s products for their rollout of 5G network infrastructure.