Vigil@nce - Windows: character injection via Microsoft Wireless Mouse
April 2016 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can send radio packets to USB dongles of Microsoft
wireless mouses, in order to inject characters in the current
application.
Impacted products: Windows 10, Windows 7, Windows 8.
Severity: 1/4.
Creation date: 13/04/2016.
DESCRIPTION OF THE VULNERABILITY
Several mouses of brand Microsoft use a wireless technology.
However, a near field attacker can send "QWERTY Key" packets,
which simulate pressed keys.
An attacker can therefore send radio packets to USB dongles of
Microsoft wireless mouses, in order to inject characters in the
current application.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/Windows-character-injection-via-Microsoft-Wireless-Mouse-19369