Some viruses modify the firmware of USB devices to trick the operating system into detecting the USB device as a keyboard.
The BadUSB Attack Prevention component prevents infected USB devices emulating a keyboard from connecting to the computer.
When a USB device is connected to the computer and identified by the application as a keyboard, the application prompts the user to enter a numerical code generated by the application from this keyboard, or using On-Screen Keyboard (if it is available). This procedure is known as keyboard authorization. The application allows use of an authorized keyboard and blocks a keyboard that has not been authorized.
BadUSB Attack Prevention runs in background mode as soon as this component is installed. If a Kaspersky Security Center policy is not applied to a computer on which Kaspersky Endpoint Security is installed, you can enable or disable BadUSB Attack Prevention by temporarily pausing and resuming computer protection and control.
BadUSB Attack Prevention component settings
Parameter |
Description |
|---|---|
Prohibit use of On-Screen Keyboard for authorization of USB devices |
If the check box is selected, the application blocks use of On-Screen Keyboard for authorization of a USB device from which an authorization code cannot be entered. |