Kensington mice are expensive, and are probably disproportionately used by high-value targets. However, I wouldn’t rely on my intuition for your security. It’s much easier to get victims to download a fake version of Flash Player than it is to exploit a bug in a relatively uncommon piece of consumer software. Despite this, I intuitively doubt that either this or the previous vulnerability I found has been exploited in the wild. The victim doesn’t need to interact with the page at all. All an attacker needs to do in order to exploit the flaw is to trick a victim into visiting a malicious website and to stay there for a few minutes. KensingtonWorks is a piece of software that advanced users of these mice can download in order to bind their extra buttons to shortcut commands like copy, paste, volume, and zoom. Before we see how the vulnerability in KensingtonWorks works, let’s talk about its practical implications. Kensington sells mice with lots of extra buttons. But I’ll feel better when I remember that you can’t learn how to make better omelettes without analyzing insecurely broken eggs. I’ll feel a bit mean for zeroing in on the mistakes of one inoffensive company when all software is buggy and no one is safe. In this post we’ll look at how the second vulnerability works, and see the ways in which it’s a direct consequence of Kensington’s inadequate fix to the first. But if you do value these features then you’ve got a risk assessment on your hands. It’s easy and virtuous-sounding to declare that KensingtonWorks users should “uninstall the application immediately and wait for a fix,” and if you don’t particularly value your power-user features then I think that this would be prudent. The attacker can then execute arbitrary code on the target’s machine and take near-complete control of it. The victim doesn’t need to interact with the page; all they need to do is stay on the site while background JavaScript silently exploits the KensingtonWorks defect.
Like the previous vulnerability I reported, an attacker exploits this one by luring a victim to a malicious webpage. Kensington fixed this flaw, but I’ve found another RCE that, as of time of publishing, remains unpatched. KensingtonWorks is a tool made by a company called Kensington for adding power-user features to mice. I'm afraid that you really have no option but to wait for the next version. A few months ago I published a remote code execution (RCE) vulnerability in KensingtonWorks. As Peregrin Took says, "short cuts make long delays". Kensington took shortcuts and paid for it. There's definitely no "circle of blame" here. It wouldn't surprise me that any app trying hardware integration via electron would have all kinds of problems. It took a long time for its developers to get it working on Apple Silicon. Unfortunately, the electron framework does really crazy things, unlike any other app. Apple went to great efforts to ensure that virtually all existing Mac software would run without modification on the new chip. This is a cross-platform framework designed so that developers don't have to bother writing an actual Mac app. That may be the part that isn't working properly on M1. The part that defines those customizations is written in the notorious "electron" framework. As ugly as that part of the installer is, you are reporting that it works, just without any customization. Whoever hacked up the Kensington installer for Catalina and Big Sur did a terrible job. That tells me that those skeptical Chinese developers were right. It's working via USB connection but KensingtonWorks says there's no USB connection and therefore no customization. It's working like a simple two-button mouse. There are some interested comments in the postinstall scripts written in Chinese that suggest the developers themselves aren't sure if it is going to work. I was curious about this so I downloaded the installer.
So Kensington itself was unable to get their software working? And you are asking if there are any other Apple customers with an M1 computer and your specific trackball who were able to succeed where the developers of the product itself had failed? I've provided more information asking ANYBODY (else) if they actually have experience successfully installing KensingtonWorks despite what Kensington claims.