How to Check USB Devices for Unsafe Firmware

USB peripherals can leave your computer vulnerable to hackers. Data security firm Eclypsium says that most Windows and Linux-based peripherals use “unsigned” firmware, which makes them open to all kinds of attacks – ransomware, spyware, and even full device hijacking.

Firmware is considered “unsigned” if it does not use a validation key (a “signature”, so to speak) to check that drivers and updates come from the manufacturer, which means you could accidentally download and install fake drivers containing malicious code. …

Hackers have successfully used unsigned firmware on USB mice, laptop trackpads, and even routers, but the entire range of Windows and Linux hardware can use unsigned firmware, including video cards, hard drives, webcams, and everything in between.

Unfortunately, the problem cannot be “fixed” unless the manufacturer of the device installs new, signed firmware. The Eclypsium report notes that several hard drive manufacturers have updated their hard drives and SSDs to accept only signed firmware as the risks of unsigned firmware have become more publicized, and many other companies have updated their devices in response to verified threats, but many other devices remain at risk.

And even if a device gets a proper update, many of them require the user to download and install it themselves. You cannot exactly update the firmware of a wireless mouse or USB hub the way you update a smartphone.

However, reports from Eclypsium and other sources make it clear that we all need to check our devices for unsigned firmware and drivers. Even if you can’t completely update the firmware of all your peripherals, it’s still worth knowing which ones are potentially at risk of installing fake drivers. Here’s how to check for unsigned firmware and drivers on Windows:

  1. Open the Windows Start Menu.
  2. Find and launch “Device Manager”.
  3. In Device Manager, right-click the device and select Properties.
  4. Click on the “Driver” tab. You should see a Digital Signer listed; if it is empty or indicated as “Unknown”, then the firmware is not signed.
  5. Then click “Driver Information”. A new window will appear with a list of installed drivers for this device. A certificate icon will be displayed next to the signed drivers, as in the screenshot above. You should also see the Digital Signer for the driver below, which must be the same as the Digital Signer under the Driver tab.
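
The same check can be run across every USB device at once instead of opening each one in Device Manager. The PowerShell below is an added example, not part of the original article: it reads the Digital Signer that Windows records for each device's driver package (the driver installed on the PC, not the firmware image stored inside the peripheral) and flags entries where the signer is empty or “Unknown”. It assumes Windows PowerShell 5.1 or later; the function name `Get-DriverSignerReport` and its `DeviceIdFilter` parameter are hypothetical names chosen for this example.

```powershell
# Added example: report the Digital Signer recorded for each USB device driver.
# Win32_PnPSignedDriver exposes the same signer data Device Manager shows on
# the Driver tab. It describes the Windows driver package, not device firmware.

function Get-DriverSignerReport {
    [CmdletBinding()]
    param(
        # Hypothetical parameter: wildcard matched against the PnP DeviceID.
        # 'USB\*' limits the report to devices enumerated on the USB bus.
        [string]$DeviceIdFilter = 'USB\*'
    )

    Get-CimInstance -ClassName Win32_PnPSignedDriver |
        Where-Object { $_.DeviceID -like $DeviceIdFilter } |
        ForEach-Object {
            # Step 4's criterion: signer empty or shown as "Unknown".
            $noSigner = [string]::IsNullOrWhiteSpace($_.Signer) -or
                        ($_.Signer -eq 'Unknown')

            [pscustomobject]@{
                DeviceName    = $_.DeviceName
                Manufacturer  = $_.Manufacturer
                DriverVersion = $_.DriverVersion
                InfName       = $_.InfName
                IsSigned      = [bool]$_.IsSigned
                Signer        = if ($noSigner) { '<none>' } else { $_.Signer }
                NeedsReview   = (-not $_.IsSigned) -or $noSigner
            }
        }
}

$report  = @(Get-DriverSignerReport)
$flagged = @($report | Where-Object { $_.NeedsReview })

# Flagged devices first, so unsigned entries are at the top of the table.
$report |
    Sort-Object -Property NeedsReview -Descending |
    Format-Table DeviceName, DriverVersion, IsSigned, Signer, NeedsReview -AutoSize

'{0} of {1} USB device drivers have no digital signer recorded.' -f $flagged.Count, $report.Count
```

Passing a different `-DeviceIdFilter` (for example `'HID\*'` or `'*'`) widens the report beyond USB-enumerated devices.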

Linux users can also check if the device firmware is signed, but the exact steps will differ depending on the Linux distribution.

Check for software updates for any devices you find that use unsigned firmware or drivers. Please note that even the most recent firmware that you download directly from the manufacturer may still be unsigned, in which case you need to make sure you update your device drivers correctly. This can be done using the driver updater built into your operating system; the manufacturer's update tool (if available); or by downloading and installing updates only from the company's official website.
