Connect with us

Hi, what are you looking for?



Microsoft Patches “Mousejack” Vulnerability

Microsoft released several security updates this month as part of its regular Patch Tuesday update, including the overhyped Badlock flaw.

Microsoft released several security updates this month as part of its regular Patch Tuesday update, including the overhyped Badlock flaw. One patch that went largely unnoticed, however, was an optional update meant to resolve Mousejack, a security bug that could allow an attacker to hijack the users’ wireless mice to execute malicious commands on the affected computer.

The issue was disclosed in February by researchers at IoT security company Bastille, who revealed that a $15 USB dongle can be used to run arbitrary commands into a victim’s computer from up to 100 meters (328 feet) away. Having the dongle connected to his/her laptop, an attacker can download malware, steal files, and perform other activities that require access to the computer’s keyboard.

At the time, researchers said that the vulnerability affects wireless mice and keyboards from Dell, Logitech, Microsoft, HP, Amazon, Gigabyte, and Lenovo, but that devices from other vendors could also be affected. The flaw affects USB dongles shipped with wireless keyboards and mice and can be exploited to attack any PC, Mac or Linux computer.

As part of its latest Tuesday patches, Microsoft released an optional update to improve input filtering for certain Microsoft wireless mouse devices. As the company explains in the update’s security advisory, the patch resolves a vulnerability where keyboard HID packets can be injected into Microsoft wireless mouse devices through USB dongles.

To block this type of attack, the company has released a filter driver as part of the optional update, so that input from affected Microsoft wireless mice is monitored, ensuring that no QWERTY key frames that normally indicate keyboard traffic go through.

According to Microsoft, affected devices include Sculpt Ergonomic mouse, Sculpt Mobile Mouse, Wireless Mobile Mouse 3000 v2.0, Wireless Mobile Mouse 3500, Wireless Mobile Mouse 4000, Wireless Mouse 1000, Wireless Mouse 2000, Wireless Mouse 5000, and Arc Touch Mouse. The update was released for Windows 7, Windows 8.1 and Windows 10 machines, the company also said.

The update was not released for Windows Server devices and does not resolve the issue in non-Microsoft wireless mice and keyboards, Marc Newlin, one of the researchers who discovered the flaw in the first place, says.  The Microsoft Sculpt Ergonomic Mouse is still vulnerable to the attack, Newlin said.

Advertisement. Scroll to continue reading.

Owners of Microsoft wireless mice are advised to install the optional update, to minimize attack surface. The update can be applied either automatically, through Windows Update, or manually, by opening Windows Update from the Control Panel, checking for updates and finding and installing this specific patch from the list of optional updates.

Related: Microsoft, Samba Patch “Badlock” Vulnerability

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.


Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

IoT Security

A vulnerability affecting Dahua cameras and video recorders can be exploited by threat actors to modify a device’s system time.