You Must Check Your USB Devices For Unsafe Firmware, Here's How

Dhir Acharya - Feb 21, 2020

It's important to know if any of your USB devices have unsigned firmware so that you can take measures to protect yourself from attacks.

The USB peripherals you’re using may make your computer vulnerable to hackers. According to data security company Eclypsium, a large part of Linux and Windows-based peripherals rely on unsigned firmware, leaving them exposed to all kinds of cyberattacks, including spyware, ransomware, as well as full-on device takeovers.

The firmware that does not use a validation key, used to verify that drivers and updates are from the manufacturer, is called “unsigned.” Due to this, users may accidentally download, install fake drivers containing malicious code.

Check Your USB Devices For Unsafe Firmware

As of now, hackers have managed to exploit unsigned firmware on USB laptop trackpads, mice, even routers. However, all Linux and Windows hardware are able to use unsigned firmware, which includes webcams, hard drives, graphics cards, etc.

The bad news is that this problem can’t be solved unless the manufacturer releases new, signed firmware. It’s noted in the Eclyspium report that acknowledging the risks of unsigned firmware, some hard drive manufacturers updated their SSD and HDDs to accept only signed firmware. While many other firms have also updated their devices, many are still at risk.

Assume a device is properly updated, users still have to download and install the update on their own. And updating the firmware of a USB hub or a wireless mouse is not as easy as updating a smartphone.

Regardless, we should all check our devices for unsigned drivers and firmware. In case you cannot update the firmware on your peripherals, it’s still important to know if you are at risk of using fake drivers. Follow these steps to check your devices for unsigned drivers and firmware, if you’re a Windows user.

Check Your USB Devices For Unsafe Firmware

Step 1: Launch the Start menu on Windows.

Step 2: Search for Device Manager and run it.

Step 3: Once you’re in Device Manager, the next thing to do is right-click on a device, then click on Properties.

Step 4: Now, open the Driver tab where you will see Digital Signer. If this is listed as Unknown or it’s blank, the firmware is unsigned.

Step 5: Click on Driver details. Then you will see a pop-up window that shows a list of the installed drivers for the device. If a driver is signed, there will be a certification icon next to it as in the image above. Besides, the Digital Signer would be listed for that driver, which should match that Digital Signer you see in the Driver tab.

For Linux users, the process for checking the firmware will be different among different Linus distros.