0 Members and 1 Guest are viewing this topic.285 views

*

Offline Rune

Major Security Issue (Mice/Keyboards)
« on: January 12, 2018, 19:39:18 »
Working with IT security irl, I suppose I would shoutout to the members on the forums as well.


"MouseJack is a class of vulnerabilities that affects the vast majority of wireless, non-Bluetooth keyboards and mice. These peripherals are 'connected' to a host computer using a radio transceiver, commonly a small USB dongle. Since the connection is wireless, and mouse movements and keystrokes are sent over the air, it is possible to compromise a victim's computer by transmitting specially-crafted radio signals using a device which costs as little as $15."



Article about the issue:
https://www.bastille.net/research/vulnerabilities/mousejack/affected-devices

Basically, if you have a wireless keyboard/mouse from specific vendors you can be affected.

Not all the devices have received a firmware update from the manifacturer.

Logitech:
https://community.logitech.com/s/question/0D531000058b3B7CAI
Note: You can only update 1 receiver at a time, so be sure only to have 1 plugged. The firmware updater will also tell you if you have more than 1 connected.

Microsoft:
https://www.microsoft.com/accessories/en-us/downloads/mouse-keyboard-center

Lenovo:
https://support.lenovo.com/dk/en/product_security/len_4292

You can find the same links on the article.

I would advice against using any of the mice/keyboards which do not have a fix yet.

 

SimplePortal 2.3.6 © 2008-2014, SimplePortal