HomeWinBuzzer NewsMicrosoft Calls out High-Severity Flaw in Huawei's PCManager Software

Microsoft Calls out High-Severity Flaw in Huawei’s PCManager Software

Huawei PCManagers strange startup mode has opened users to a flaw that attackers could exploit for privilege escalation. A fix is now rolling out for the issue.


has discovered a high-severity flaw in software for Windows PCs. Though use of its Windows Defender ATP software, it discovered an escalation flaw that could let low privilege attackers inject their own code or bypass driver signature enforcement.

Microsoft privately disclosed the issue to Huawei, who “co-operated quickly and professionally” to resolve it. Huawei Matebook users with PCManager can download the fix here.

As a result, up to date users shouldn't be at any serious risk. However, some will be naturally angry that the company introduced a security hole with its software. The purpose of PCManager is to aid in driver updates, but it seems the implementation was far from ideal.

“Attaching a kernel debugger and setting a breakpoint on the memcpy_s in charge of copying the parameters from kernel to user-mode revealed the created process: one of Huawei's installed services, MateBookService.exe, invoked with ‘/startup' in its command line,” explained Microsoft.

“Why would a valid service be started that way? Inspecting MateBookService.exe!main revealed a ‘startup mode' that revived the service if it's stopped – some sort of watchdog mechanism meant to keep the Huawei PC Manager main service running.”

It's this process that could give attackers an in, as the only form of verification was a file path check on a whitelist. With a modified MatebookBookService.exe, an attacker could introduce their own watched executable with full permissions.

The flaw doesn't do wonders for Huawei's image after the US government warned several countries to avoid the use of its device on military bases. The concerns followed allegations of compromised Chinese manufactured motherboards from Supermicro that made their way to major tech companies.

Ryan Maskell
Ryan Maskellhttps://ryanmaskell.co.uk
Ryan has had a passion for gaming and technology since early childhood. Fusing the skills from his Creative Writing and Publishing degree with profound technical knowledge, he enjoys covering news about Microsoft. As an avid writer, he is also working on his debut novel.

Recent News