Do you use a Logitech wireless mouse, wireless keyboard, or presentation clicker with your computer? If so, your device is vulnerable to a number of hacks allowing attackers to take control of your computer relatively easily. Learn how to update your Logitech Unifying Receiver software to keep your devices safe and working properly.
While this vulnerability affects wireless devices from a number of manufacturers, this article is specific to how to update your Logitech wireless devices. For other manufacturers, refer to their websites for details.Pixabay / Photoshot
How the Logitech Unifying Receiver Hack Works
The first hack was discovered in 2016 (called "MouseJack"), but the Logitech Unifying Receiver is still at risk. It lets anything sending out a signal pretending to be a wireless mouse to connect to the wireless mouse receiver (dongle) plugged into any computer. The dongle allows the new signal to connect to your computer, no questions asked, and a hacker can gain control of your computer—no matter what security systems you have in place.
This hack works because wireless mouse traffic isn't always encrypted, like most wireless keyboard communication traffic. It affected wireless mice, keyboards, presentation clickers, and other wireless devices from a number of manufacturers, such as Logitech, Microsoft, Amazon, Dell, HP, and Lenovo. However, it's important to note this vulnerability doesn't affect Bluetooth devices or USB wireless dongles that aren't actively in use, just the ones plugged in to your computer.
More Risk for Wireless Devices
As security researchers looked into the vulnerability a little further, they discovered additional issues with these dongles. They discovered that attackers could monitor keyboard communication traffic, inject keystrokes through dongles not connected to a wireless keyboard, recover encryption keys, and take over your computer. Now it wasn't just dongles being used, but even ones not plugged into a computer.
The vulnerability was present in all these dongles because of a single wireless chip they use. In Logitech's case, their unifying technology is a standard piece of technology they've been shipping with a wide array of Logitech wireless gear for nearly a decade.
Identifying If Your Logitech Dongle Is Vulnerable
Logitech devices vulnerable to these attacks have an orange star printed on the side of the receiver that plugs into your computer.sfmine79 / Wikimedia Commons / CC BY 2.0
If you receiver doesn't have this star, you're probably safe, but it's still always a best practice to keep all your software and firmware updated to prevent being exposed to potential threats.
How to Update Your Logitech Unifying Receiver
Updating your Logitech unifying receiver to protect yourself from these attacks is relatively simple. Be sure to update it to the version released on or after August 2019 when Logitech released an additional patch.
Navigate to Logitech's update download page in a browser and download the appropriate Windows or Mac update package for your computer.
Double-click the update file to launch it (Windows) or unzip it, then double-click it (Mac). The Logitech Firmware Updating Tool should launch.
The tool will screen your computer and let you know if any Logitech devices need to be updated.
If it detects any devices to update, select Update.
If the devices are up to date, the tool informs you, and you can select Close to exit the tool.