37 thoughts on “Logitech keyboards and mice vulnerable to extensive cyber attacks”

  1. TL;DR: Any Logitech hardware using the Unifying wireless technology is affected. The attacker can install a backdoor/keylogger if he’s in the range of the receiver. There are currently several security flaws and only some of them have been batched.

    If you own these products make sure to install the latest firmware for these devices and keep a lookout for further updates in August. The update software seems to be somewhat broken and can report that you’re up-to-date despite having old firmware installed. Follow the instructions in the article to make sure.

  2. Ah, so wired stuff isnt affected then. Cool, im safe.

    I never liked wireless things tbh. Mostly from the old days when wireless batteries didnt last long – i know its no longer the case now, but there’s nothing i would hate more than having my mouse or kb die in a middle of doing something. Im also already charging my phone, my watch, my VR controllers, my PS controllers, my switch and my headphones – i dont really want to also have to charge my mouse and KB. So wired it is for me!

  3. This is a bummer. I bought a wireless Logitech gaming mouse because the ergo was perfect for me (I have large, sweaty hands). Kind of crazy that they’ve been shipping these receivers since 2009.

  4. Completely irrelevant for private users.

    Not only do you need to be within wireless reach (which is ten meters at best but limited to the room you are in and maybe the adjacent in practice) but also either had physical access to the device to press some buttons (for the injecting keystrokes vulnerability) or record the one time pairing process.

    This might honestly be a clusterfuck for a company that utilizes a lot of Logitech products, but the attacking surface against a private user is pretty low.

  5. This is a non-issue. Most of these need physical access in which case your computer is already compromised. The one remote vulnerability requires the attacker to be within range when pairing and honestly, how many people even know you can pair your device with a different dongle? The low % of users that do know about it aren’t going to be pairing their devices so often that it’s a problem.

  6. Logitech has had issues up and down with software and firmware for years. That there are issues is really unsurprising.

  7. Got to the word “wireless” and stopped reading. Thank you Logitech g510s and prodigy. I ain’t got time for batteries and charging.

  8. They mention almost as an afterthought that lightspeed gaming wireless stuff is affected but nothing on how to make sure *those* are secure.

    Anyone have any details on that topic?

  9. Most of these devices have a Bluetooth component to them. If you’re using that you should be fine. It’s the Logitech Unifying bit that’s not secure since it’s not encrypted at all.

  10. Lol some of these require physical access to the keyboard, you may as well just install a hardware keylogger at that point, which affects literally every keyboard on earth.

    While I would remove these keyboards from a secure environment pending driver patches and perhaps institute some compensating controls in a corporate environment, this is really overselling the issue.

    You have to be <30 ft away to do most of this.

  11. It’s clickbait, it’s a Logitech Radio keylogger and you have to be within 30ft. And own *Wireless* Logitech gear.

  12. Wouldn’t the one where they get physical access to the keyboard/mouse, press some buttons and see what signal is sent be a flaw with all wireless that doesn’t use a time-shifting key?

  13. I could see this being a big deal in a business, apartment, or dorms, but if you’re in a house, it’s highly unlikely that your next door neighbor or the ghost of Margot Kidder is hiding in the bushes actively scanning the wireless for unifying receivers, or could even get signal through the walls, I think the range is only like 10-25 feet at max.

    Sure you should patch it as needed, but I’m not going to lose any sleep over it.

  14. Itt: boomers don’t read the article and make fun of people with wireless peripherals despite the vulnerability being limited by proximity

  15. Good old security vulnerabilities that require physical access. Nothing to see here, moving on..

  16. If you are worried about security don’t use wireless keyboards. These types of vulnerabilities are not new.

Leave a Reply

Your email address will not be published. Required fields are marked *