Kaspersky Endpoint Security 12 for Windows

Enabling and disabling BadUSB Attack Prevention

25 April 2024

ID 138434

USB devices identified by the operating system as keyboards and connected to the computer before installation of the BadUSB Attack Prevention component are considered authorized after installation of the component.

To enable or disable BadUSB Attack Prevention:

  1. In the main application window, click the Application settings icon in the form of a gear wheel. button.
  2. In the application settings window, select Essential Threat ProtectionBadUSB Attack Prevention.
  3. Use the BadUSB Attack Prevention toggle to enable or disable the component.
  4. In the USB keyboard authorization upon connection block, adjust security settings for entering the authorization code:
    • Maximum number of USB device authorization attempts. Automatically blocking the USB device if the authorization code is entered incorrectly the specified number of times. Valid values are 1 to 10. For example, if you allow 5 attempts to enter the authorization code, the USB device is blocked after the fifth failed attempt. Kaspersky Endpoint Security displays the blocking duration for the USB device. After this time elapses, you can have 5 attempts to enter the authorization code.
    • Timeout when reaching the maximum number of attempts. Blocking duration of the USB device after the specified number of failed attempts to enter the authorization code. Valid values are 1 to 180 (minutes).
  5. Save your changes.

As a result, if BadUSB Attack Prevention is enabled, Kaspersky Endpoint Security requires authorization of a connected USB device identified as a keyboard by the operating system. The user cannot use an unauthorized keyboard until it is authorized.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.