Batu69 Posted April 14, 2016 Share Posted April 14, 2016 Microsoft has released an update for its wireless mice that should better protect the devices against hackers. The optional update improves security of wireless mice by filtering packets originating from wireless USB dongles that might be keystrokes. This technology is similar to technology found in firewalls. A recently discovered vulnerability makes it possible to send malicious packets to wireless mice that can simulate key presses on the computer. The keypresses can then send commands to the computer that allow an attacker to take full control over the computer. For an attack to be successful the attacker has to be within a 100 meter range of the victim’s computer. The attack is better known as MouseJack and abuses the fact that wireless mice don’t encrypt the communication between them and the USB dongle. This is different from wireless keywords which encrypt all communication with the USB dongle. With the Mouse Jack attack it’s possible to replace the unencrypted radio signal between the wireless mouse and USB dongle. By replacing packets it’s possible to simulate key presses instead of mouse clicks. The discoverers of Mouse Jack have demonstrated that attackers can install a rootkit within 10 seconds with equipment sold for less than $15. Mice from Microsoft, HP, Gigabyte, Amazon, Logitech, Dell and Lenovo are known to be vulnerable to such an attack. Today’s update is for the following Microsoft mice, the Sculpt Ergonomic, Sculpt Mobile, Wireless Mobile 3000 v2.0 and Wireless (Mobile) Mouse 1000, 2000, 3500, 4000 and 5000 and the Arc Touch Mouse The optional update can be downloaded through Windows Update. Article source Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.