{"id":19239,"date":"2018-12-17T08:29:10","date_gmt":"2018-12-17T07:29:10","guid":{"rendered":"http:\/\/blog.netspark.de\/?p=19239"},"modified":"2018-12-16T18:36:06","modified_gmt":"2018-12-16T17:36:06","slug":"logitech-options-vulnerable","status":"publish","type":"post","link":"https:\/\/blog.netspark.de\/?p=19239","title":{"rendered":"Logitech Options vulnerable!"},"content":{"rendered":"

\"\"Logitech’s Options Software is the key component to
\ncustomize the behavior of your input devices from them.
\nHowever an exploit has been discovered by the Google
\nProject Zero team. All users should update immediately!<\/p>\n

If you haven’t done so already, download he newest version that adresses the problem, here: https:\/\/www.logitech.com\/en-us\/product\/options<\/a><\/p>\n

If you don’t update, then chances are high that your computer may be hacked in no time:<\/p>\n

Attackers could exploit this issue by sending simulated keystrokes from any website and thus execute pretty much anything on affected systems.<\/p>\n

Ormandy discovered the issue when he installed the software to configure the buttons of his mouse on Windows. The 150 MB large application automatically starts when Windows starts and then also opens the vulnerable port on which a websockets service runs. Websites can communicate directly with the websockets service and because there is no authentication, it will accept any command it receives. Even worse, the software also doesn\u2019t check where the commands originate from, which means it will accept any commands from any website.<\/p>\n

Only one small security measure could stop a possible attack but is easily bypassed, as Ormandy explains, \u201cthe only \u201cauthentication\u201d is that you have to provide a pid [process ID] of a process owned by your user, but you get unlimited guesses so you can brute force it in microseconds.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"

Logitech’s Options Software is the key component to customize the behavior of your input devices from them. However an exploit has been discovered by the Google Project Zero team. All users should update immediately!<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[55,3,2949,19],"tags":[1156,920,603,289,2132,3450],"class_list":["post-19239","post","type-post","status-publish","format-standard","hentry","category-computer-2","category-news","category-technology","category-thoughts-2","tag-driver","tag-logitech","tag-software","tag-update","tag-vulnerability","tag-zero-day"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.netspark.de\/index.php?rest_route=\/wp\/v2\/posts\/19239","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.netspark.de\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.netspark.de\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.netspark.de\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.netspark.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=19239"}],"version-history":[{"count":0,"href":"https:\/\/blog.netspark.de\/index.php?rest_route=\/wp\/v2\/posts\/19239\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.netspark.de\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=19239"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.netspark.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=19239"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.netspark.de\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=19239"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}