How to Update Your Logitech Unifying Receiver

Upgrade the firmware of Logitech's wireless dongles

Logitech Wireless Mouse

Photoshot/Pixabay

Do you use a Logitech wireless mouse, wireless keyboard, or presentation clicker with your computer? If so, your device is vulnerable to a number of hacks allowing attackers to take control of your computer relatively easily. Learn how to update your Logitech Unifying Receiver software to keep your devices safe and working properly. 

While this vulnerability affects wireless devices from a number of manufacturers, this article is specific to how to update your Logitech wireless devices. For other manufacturers, refer to their websites for details.

How the Logitech Unifying Receiver Hack Works

The first hack was discovered in 2016 (called "MouseJack"), but the Logitech Unifying Receiver is still at risk. It lets anything sending out a signal pretending to be a wireless mouse to connect to the wireless mouse receiver (dongle) plugged into any computer. The dongle allows the new signal to connect to your computer, no questions asked, and a hacker can gain control of your computer—no matter what security systems you have in place. 

This hack works because wireless mouse traffic isn't always encrypted, like most wireless keyboard communication traffic. It affected wireless mice, keyboards, presentation clickers, and other wireless devices from a number of manufacturers, such as Logitech, Microsoft, Amazon, Dell, HP, and Lenovo. However, it's important to note this vulnerability doesn't affect Bluetooth devices or USB wireless dongles that aren't actively in use, just the ones plugged in to your computer. 

More Risk for Wireless Devices

As security researchers looked into the vulnerability a little further, they discovered additional issues with these dongles. They discovered that attackers could monitor keyboard communication traffic, inject keystrokes through dongles not connected to a wireless keyboard, recover encryption keys, and take over your computer. Now it wasn't just dongles being used, but even ones not plugged into a computer. 

The vulnerability was present in all these dongles because of a single wireless chip they use. In Logitech's case, their unifying technology is a standard piece of technology they've been shipping with a wide array of Logitech wireless gear for nearly a decade. 

Identifying If Your Logitech Dongle Is Vulnerable

Logitech devices vulnerable to these attacks have an orange star printed on the side of the receiver that plugs into your computer.

Logitech Unified Receiver - Early Model
Wikicommons/MiNe (sfmine79) 

If you receiver doesn't have this star, you're probably safe, but it's still always a best practice to keep all your software and firmware updated to prevent being exposed to potential threats.

How to Update Your Logitech Unifying Receiver

Updating your Logitech unifying receiver to protect yourself from these attacks is relatively simple. Be sure to update it to the version released on or after August 2019 when Logitech released an additional patch.

  1. Navigate to Logitech's update download page in a browser and download the appropriate Windows or Mac update package for your computer.

  2. Double-click the update file to launch it (Windows) or unzip it, then double-click it (Mac). The Logitech Firmware Updating Tool should launch.

  3. Select Continue.

    Logitech Unifying Receiver Update Tool
  4. The tool will screen your computer and let you know if any Logitech devices need to be updated. Follow the instructions as needed.

  5. If it detects any devices to update, select Update.

    Logitech Unifying Receiver Update Tool
  6. If the devices are up to date, the tool will inform you, and you can select Close to exit the tool.

    Logitech Unifying Receiver Update Tool