Logitech options are updated to fix a security issue

Logitech Options, the application designed to allow customization of Logitech mice, keyboards and touchpads, has received a major security patch that essentially fixes a security flaw that allowed attackers to inject arbitrary keystrokes and send system commands.

Logitech Options had a major security issue

Google's Project Zero security team hinted at the Logitech team about the bug in September. Logitech has already released Logitech Options version 7.00.564 to address security concerns. Google security researcher Tavis Ormandy in his bug report states that Logitech Options was opening a WebSocket server on the systems it is installed on without any origin verification process.

We recommend reading our article on Logitech G305 Review in Spanish (Complete analysis)

Along with the bug report, Ormandy personally reported the problem to Logitech engineers in mid-September. Logitech acknowledged the failure soon upon receiving its report. However, it took the company more than three months to submit its patch, more than Google Project Zero's 90-day deadline for public disclosure. Shortly after the bug report was released, it gained some attention among security researchers, and finally pushed Logitech to release the patch.

"The release of Logitech Options 7.00, which addresses source checking and type checking, is now available and can be downloaded for Windows and Mac, " Logitech wrote on Twitter on Friday to confirm the solution.

You can download the updated app to start customizing your Logitech mouse, keyboard, or touchpad. The app supports devices like MX Vertical, MX Ergo, MX Anywhere 2S, K600 TV Keyboard, MK850 Performance, MK540 Advanced, and MX900 Performance Combo for customizations.

Techpowerup font