Live Chat
  • One stop service: solve all your problems
  • Orders Tracking and shipped out notification
  • More campaigns, even more discounts!
  • Need help before making an order?
  • Chat with us in real-time.
  • For Aftersale issues, just submit a ticket. We will reply within 24 hours.
  • Multi-language service
  • 24/7 support available
Hi! Log Out Log In SIGN UP
Home > New Gear > Logitech wireless keyboard and mouse vulnerability jeopardizes affect the 2019 models
Logitech wireless keyboard and mouse vulnerability jeopardizes affect the 2019 models

Logitech wireless keyboard and mouse vulnerability jeopardizes affect the 2019 models

By  Sigismondo Eisenhower 2019-07-09 1772 0

A computer or a server are not the only targets to be attacked by third parties, sometimes something apparently as simple as a keyboard or mouse also serve to steal information or access and control a user's system. A recently discovered vulnerability in the wireless technology of Logitech products jeopardizes Logitech's brand peripherals, affecting models from 2009 to the present.

Logitech wireless keyboard and mouse

Security expert Marcus Mengs has found a security breach in Logitech mouse and keyboards. Certain models that are connected wirelessly to the computer via a USB receiver are at risk. The error allows the attacker to keep a record of the keys pressed by the user on the keyboard for example, although he can also send his own commands to the computer to infect it with malware. According to Heise, the company has confirmed the gap found by Marcus Mengs.

How the attack works?

Logitech wireless keyboard and mouse 

To understand the attack, you need to understand the wireless technology used by Logitech. This is Unifying, a wireless standard that allows multiple input devices to operate with a single USB receiver connected to the computer. These receivers are usually identified by a small orange star drawn on the USB.

Through a security hole in Unifying the attacker can create a backdoor to inject malicious software into the computer or simply get information. All remotely using Logitech wireless technology. In fact not only does it use this technology to infiltrate the system, but it can follow continuous communication via the back door. They are usually used only to carry out the attack and then the data is obtained or controlled via the local network/Internet.

While the security hole is severe, performing the attack is more complicated than it seems. To infiltrate the computer the attacker needs to have temporary access to the keyboard to press a series of keys with which to record the radio traffic used for the attack. In other words, physical presence is required to carry out the first attack.

Who is affected by vulnerability and what can be done?

Logitech wireless keyboard and mouse​ 

As we've seen, the vulnerability affects Logitech devices that use Unifying wireless technology. It is a technology used since 2009 and compatible with most wireless keyboards and mouse from the manufacturer. Unifying is used in both economy and high-end models. If the USB receiver connected to the computer has an orange star, it means that it is Unifying.

For now, the only thing the user can do to improve their security is to upgrade the firmware on the Logitech peripheral to the latest version. This is done with the Logitech SecureDFU firmware update tool. The latest firmware versions available are: 012.008.00030, 012.009.00030, 024.006.00030 and 024.007.00030 On the other hand, with Unifyng Software you can check .

Which version is currently installed

Updating the firmware to the latest version does not guarantee that an attack cannot occur. It's going to be hard for Logitech to completely solve the software problem, because it would mean breaking the compatibility of dozens of products with the Unifying standard. Logitech recommends "keeping your computer (with a USB receiver) where strangers can't physically access or manipulate it.

 You may also want to read:
 HUAMI AMAZFIT Verge 2 Marvel edition features and price
 AfterShokz releases Aeropex and Xtrainerz bone-conducting headphones
 AMD Ryzen 9 3900X's overclocking performance details revealed

Gearbest 20 shopping tips

Extensive Product Selection

● Over 300,000 products

● 20 different categories

● 15 local warehosues

● Multiple top brands

Convenient Payment

● Global payment options: Visa, MasterCard, American Express

● PayPal, Western Union and bank transfer are accepted

● Boleto Bancario via Ebanx (for Brazil)

Prompt Shipping

● Unregistered air mail

● Registered air mail

● Priority line

● Expedited shipping

Dedicated After-sales Service

● 45 day money back guarantee

● 365 day free repair warranty

● 7 day Dead on Arrival guarantee (DOA)

Prev article:Xiaomi Mi A3 and Mi A3 Lite will be clones of Mi CC9 and Mi CC9e: Here is the evidence

Next article:Forbes indicates that Nintendo Switch Mini (Mini Switch 2) will have a 1080P screen and better performance

You might also like: