A minor security issue with Logitech keyboard software iTouch has been identified in a SecurityFocus post. This issue refers to the programmable multimedia and internet keys. Normally these keys should be disabled when you lock your PC for instance with a password protected screensaver. However, these buttons still function. While the assigned programs do not appear in the foreground, they still run on the computer behind the "Computer Locked" window.
Thusly, a DoS attack can be performed, just by pressing one of the buttons numerous amounts of times, easily opening 100 copies of whatever program they have been assigned to. By default they are mainly assigned to run IE. Other things are possible if you use your imagination. None of them appear that great though, unless the user has linked these buttons to other programs, ones that are possibly insecure and left unrunning otherwise. Or you can always stop someone's music from playing even when they have "locked" their PC. Logitech has been contacted about 1 month ago and they have confirmed it is indeed a problem with their software, but a fix is not yet out. Source: SecurityFocus
Thusly, a DoS attack can be performed, just by pressing one of the buttons numerous amounts of times, easily opening 100 copies of whatever program they have been assigned to. By default they are mainly assigned to run IE. Other things are possible if you use your imagination. None of them appear that great though, unless the user has linked these buttons to other programs, ones that are possibly insecure and left unrunning otherwise. Or you can always stop someone's music from playing even when they have "locked" their PC. Logitech has been contacted about 1 month ago and they have confirmed it is indeed a problem with their software, but a fix is not yet out. Source: SecurityFocus
