-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2016.0950
             Update to Improve Wireless Mouse Input Filtering
                               13 April 2016

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Microsoft wireless mouse devices
Publisher:         Microsoft
Operating System:  Windows 7
                   Windows 8.1
                   Windows 10
Impact/Access:     Reduced Security -- Console/Physical
Resolution:        Patch/Upgrade

Original Bulletin: 
   https://technet.microsoft.com/library/security/3152550

- --------------------------BEGIN INCLUDED TEXT--------------------

Microsoft Security Advisory 3152550

Update to Improve Wireless Mouse Input Filtering

Published: April 12, 2016

Version: 1.0

Executive Summary

Microsoft is announcing the availability of an update to improve input 
filtering for certain Microsoft wireless mouse devices. The update enhances 
security by filtering out QWERTY key packets in keystroke communications 
issued from receiving USB wireless dongles to wireless mouse devices. This 
improvement is part of ongoing efforts to improve the effectiveness of 
security in Windows and Microsoft devices. For more information, see Microsoft
Knowledge Base Article 3152550.

A vulnerability has been discovered that allows keyboard HID packets to be 
injected into Microsoft wireless mouse devices through USB dongles. USB 
dongles will accept keyboard HID packets transmitted to the RF addresses of 
wireless mouse devices.
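
The filtering described above, as an added example in C; it is not Microsoft's
filter driver. It assumes the standard 8-byte USB HID boot keyboard report and
reads "QWERTY key" as any letter or digit usage ID; filter_report and the
sample arrays are hypothetical names with constructed data.

```c
#include <stddef.h>
#include <stdint.h>

/* Standard values from the USB HID Usage Tables. */
#define USAGE_MOUSE    0x02  /* Generic Desktop page: Mouse */
#define USAGE_KEYBOARD 0x06  /* Generic Desktop page: Keyboard */
#define KEY_A          0x04  /* Keyboard page: 0x04..0x1D are a..z */
#define KEY_0          0x27  /* Keyboard page: 0x1E..0x27 are 1..9, 0 */
#define BOOT_KBD_LEN   8     /* modifiers, reserved, six key usage IDs */

enum verdict { PASS_REPORT, DROP_REPORT };

/* Constructed samples: 'a' pressed, and a modifier-only report (left GUI). */
static const uint8_t SAMPLE_TYPED_A[BOOT_KBD_LEN]  = {0x00, 0, KEY_A, 0, 0, 0, 0, 0};
static const uint8_t SAMPLE_MOD_ONLY[BOOT_KBD_LEN] = {0x08, 0, 0, 0, 0, 0, 0, 0};

/*
 * paired_usage: what kind of device was paired at this RF address (assumed
 *               to be known to the host side).
 * report_usage: the top-level collection the incoming report claims.
 */
enum verdict filter_report(uint8_t paired_usage, uint8_t report_usage,
                           const uint8_t *data, size_t len)
{
    /* Only police keyboard reports that arrive on a mouse's address. */
    if (paired_usage != USAGE_MOUSE || report_usage != USAGE_KEYBOARD)
        return PASS_REPORT;

    /* Fail closed on missing or truncated reports rather than guessing. */
    if (data == NULL || len < BOOT_KBD_LEN)
        return DROP_REPORT;

    /* Bytes 2..7 hold key usage IDs; drop if any is a letter or digit. */
    for (size_t i = 2; i < BOOT_KBD_LEN; i++)
        if (data[i] >= KEY_A && data[i] <= KEY_0)
            return DROP_REPORT;

    return PASS_REPORT;
}

int main(void)
{
    /* A keystroke claimed by a mouse is dropped; a real keyboard's passes. */
    int ok = filter_report(USAGE_MOUSE, USAGE_KEYBOARD, SAMPLE_TYPED_A, BOOT_KBD_LEN) == DROP_REPORT
          && filter_report(USAGE_KEYBOARD, USAGE_KEYBOARD, SAMPLE_TYPED_A, BOOT_KBD_LEN) == PASS_REPORT
          && filter_report(USAGE_MOUSE, USAGE_KEYBOARD, SAMPLE_MOD_ONLY, BOOT_KBD_LEN) == PASS_REPORT;
    return ok ? 0 : 1;
}
```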

Recommendation

Microsoft recommends installing a filter driver available as an optional 
update for customers who use wireless mouse devices affected by this 
vulnerability. For the list of affected devices, see the Affected Devices 
section. For more information about affected operating systems, see the 
Affected Software section.

Microsoft recommends that customers test any new settings prior to 
implementation in their environments. Please see the Suggested Actions section
of this advisory for more information.

Affected Software

The update in this advisory applies to the following operating systems:

Windows 7

Windows 7 for 32-bit Systems Service Pack 1

Windows 7 for x64-based Systems Service Pack 1

Windows 8.1

Windows 8.1 for 32-bit Systems

Windows 8.1 for x64-based Systems

Windows 10

Windows 10 for 32-bit Systems[1]

Windows 10 for x64-based Systems[1]

Windows 10 Version 1511 for 32-bit Systems[1]

Windows 10 Version 1511 for x64-based Systems[1]

[1] Windows 10 updates are cumulative. The monthly security release includes
all security fixes for vulnerabilities that affect Windows 10, in addition to
non-security updates. The updates are available via the Microsoft Update
Catalog.

Affected Devices

For this advisory, the following Microsoft wireless devices are affected:

Sculpt Ergonomic mouse

Sculpt Mobile Mouse

Wireless Mobile Mouse 3000 v2.0

Wireless Mobile Mouse 3500

Wireless Mobile Mouse 4000

Wireless Mouse 1000

Wireless Mouse 2000

Wireless Mouse 5000

Arc Touch Mouse

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----