Optional Update from Microsoft Addresses MouseJack Flaw in Windows

Microsoft, recently, issued one optional update which takes care of certain hacking method known as "MouseJack." Several patches exist in this update, which fix the various wireless mice based on Microsoft such as the Wireless Mouse 1000/2000/5000, the Arc Touch Mouse, the Sculpt Ergonomic Mouse, as well as others. It maybe noted that the update doesn't patch some other mice which intermediate suppliers manufacture.

Actually, Bastille a security company discovered vulnerabilities within the protocol that keyboards and wireless mice used for sending and receiving messages from the USB dongles attached to the user's laptop. It was discovered that data within wireless laptops could be faked, via force tricking USB dongles towards dispatching phony commands to the attached device -the commands could be related to sinister actions.

Now, MouseJack abuses many flaws within the interaction platforms connecting USB dongles fixed to PCs and keyboards and wireless mice. These vulnerabilities let criminals to create one fake wireless mouse remotely as far from 100 meters at the most while input malicious keystrokes rather than perform legitimate computer clicks.

Microsoft's latest KB3152550 update halts the kind of attack by employing one driver which sanitizes traffic that impacted Microsoft based wireless mice sends, thus ensuring there aren't any QWERTY key packets, which usually suggest keyboard traffic. Computerworld.com posted this, April 14, 2016.

The optional update, says Microsoft, sieves QWERTY key-frames within interactions via keystrokes with the USB dongle, plugged into a wireless mouse PC. Presently, one can find the flaw inside both 64-bit and 32-bit versions of Windows 10 ver. 1511, Windows 10, Windows 8.1 and Windows 7 Service Pack 1.

Since the MouseJack assault doesn't affect all kinds of users, such users don't require installing the update and also therefore, the latest Microsoft update has been given as optional.

Security Researcher Marc Newlin from Bastille tweets that Microsoft's patch remains short of complete. According to him, MouseJack assaults continue to be effective with Sculpt Ergonomic Mouse modules of Microsoft. He further expresses his unhappiness because Microsoft did not manage its own Windows for implementing one universal patch to address the problem with non-Microsoft devices.

» SPAMfighter News - 4/22/2016