Content deleted Content added
wording. del unrefd opinion |
→Security: A firmware update for Unifying receivers addressing the "Encryption Key Extraction Through USB" vulnerability (CVE-2019-13054/55) was released on 28 August 2019.<ref name=2019patch/> |
||
Line 44:
== Security ==
Several security vulnerabilities of the Logitech Unifying
| url=https://github.com/mame82/misc/blob/master/logitech_vuln_summary.md
| title=Summary / Overview of known Logitech wireless peripheral vulnerabilities
| author=mame82
| date=2019-07-09
| accessdate=2019-07-25}}</ref> and patches released.
=== Mousejacking and keyjacking ===
Line 208:
==== Response ====
| url=https://support.logi.com/hc/en-001/community/posts/360032078393-Logitech-Response-to-Research-Findings
| title=Logitech Response to Research Findings
Line 216:
| archivedate=2019-07-09
| url-status=live
| accessdate=2019-07-25}}</ref><ref name=2019patch>{{cite web |url=https://support.logi.com/hc/en-us/community/posts/360033207154-Logitech-Unifying-Receiver-Update |title=Logitech Unifying Receiver Update|website=Logitech Support + Download |date=28 August 2019|author=}}</ref>
For Linux users there are native options to flash and experiment with such as [[fwupd]] and ''MouseJack''.<ref name="mousejack"/> However, with these tools a separate firmware binary is still required. Flashing on a Linux host via a hypervisor such as [[VirtualBox]] along with a Windows virtual guest image and the Windows Logitech update executable is also possible. If using a Windows virtual guest, it is recommended to have a second available pointing device while the dongle is being updated. The second pointing device may be needed to allow the user to select and enable pass through of the unifying receiver via the hypervisor task bar after executing the firmware updater so that the device is found and updated.
Line 224:
=== Other vulnerabilities ===
On July 9, 2019 another set of vulnerabilities was disclosed and documented by a different researcher.<ref name=vulerabilities/>
== See also ==
| |||