The macro functions aren't unique to the Apex Pro Mini, but its tiny dimensions make them extra helpful. Anyone without a spare USB-C port will need to use the included cable and USB-A adapter, which allows the dongle to be placed farther from a PC tower and on a desk instead. The dongle automatically detects the keyboard, and I was able to start typing right away and enjoy the default lighting state, displaying a slow right-to-left rainbow fade.
Setting the Apex Mini up was breezy for the most part. A USB-C port allows for wired use with and updating firmware with an included cable, and a small keycap puller is in the box if you want to make any changes. Towards the rear is a sliding switch for selecting either 2.4GHz wireless via the included dongle or Bluetooth 5.0. The keycaps have a rough finish, preventing finger slips you get with glossy keyboards and most laptops. Weighing around 540g, it's as tiny as it looks with a 293mm width, 103mm depth, and flip-out legs underneath with two height selections for typing at elevated angles.Īnyone without a spare USB-C port will need to use the included cable and USB-A adapter. Gorgeously displayed in a slide-out box, the keyboard feels sturdy and well made. My first impressions of the Apex Pro Mini were pretty fantastic. (Image credit: Ben Wilson | Windows Central)
There's likely to be other software that can be exploited in similar ways to grant local privilege escalation, and we'll likely hear similar stories come out in the near future.SteelSeries Apex Pro Mini Wireless close up. Aside from Razer and SteelSeries peripherals, other brands likely have similar software with vulnerabilities like this on Windows 10. With these vulnerabilities discovered in Windows 10, it seems like this could open the floodgates. This was demonstrated by Twitter user an0n, who had also done the same for the Razer vulnerability. Additionally, just like the Razer vulnerability, this doesn't require a real SteelSeries device, as that information can be spoofed with an Android phone to trick Windows into downloading the SteelSeries software. Even if SteelSeries fixes the issue here, the current dangerous file can be saved and distributed to carry out the attack in the future. The second installer, extracted by the first one, will always run under the SYSTEM user. Not only that, but this vulnerability can't exactly be patched.
0 kommentar(er)
