"Logitech Options" Software Vulnerability Disclosed, Users Should Uninstall Until Fix is Available
(Update 1: It seems that Logitech has launched an updated version of its Options software with a fix for the vulnerability - but this only happened after the vulnerability became public. You can download the updated version, which lists the fix in its changelog, from Logitech's own webpage. Safe browsing.)
Adding to the string of critical vulnerabilities that has been coming out of Google's Project Zero, a researcher has demonstrated how an inherent bug in the "Logitech Options" software renders users vulnerable when visiting web pages. Tavis Ormandy, with Google Project Zero, found that Logitech Options opens a local WebSocket port that doesn't require authentication for external commands. Attackers could exploit this issue by sending simulated keystrokes from any website - and thus execute pretty much anything on affected systems.
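For developers of local helper services, here is an added example (not from the article or from Logitech) of a handshake check that stops a web page from driving a loopback WebSocket listener. The port, the token, the use of an `Authorization: Bearer` header and the empty origin allowlist are assumptions of this sketch; the article does not describe how Logitech's fix works.

```python
import hmac

# Assumed values for this sketch (not from the page or any vendor):
ALLOWED_ORIGINS = frozenset()          # no web origin may drive the service
LOCAL_HOSTS = {"127.0.0.1", "localhost"}

def parse_headers(raw: bytes) -> dict:
    """Return the handshake's headers as {lower-cased name: [values]}."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    headers = {}
    for line in head.split("\r\n")[1:]:          # skip the request line
        name, sep, value = line.partition(":")
        if sep:
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers

def single(headers: dict, name: str):
    """Value of a header that appears exactly once, else None."""
    values = headers.get(name, [])
    return values[0] if len(values) == 1 else None

def authorize_handshake(raw: bytes, token: str, allowed_origins=ALLOWED_ORIGINS):
    """Decide whether to complete a WebSocket upgrade. Returns (ok, reason)."""
    h = parse_headers(raw)
    if (single(h, "upgrade") or "").lower() != "websocket":
        return False, "not a websocket upgrade"
    # Host must name the loopback listener (guards against DNS rebinding).
    host = (single(h, "host") or "").rsplit(":", 1)[0]
    if host not in LOCAL_HOSTS:
        return False, "unexpected Host"
    # Browsers always send Origin on WebSocket handshakes; native clients may not.
    if "origin" in h and single(h, "origin") not in allowed_origins:
        return False, "origin not allowed"
    # Require a secret that a web page cannot know; compare in constant time.
    presented = single(h, "authorization") or ""
    if not hmac.compare_digest(presented.encode(), f"Bearer {token}".encode()):
        return False, "bad or missing token"
    return True, "ok"

# Constructed sample handshakes (not captured traffic); port 9999 is made up.
TOKEN = "constructed-sample-token"
BASE = b"GET / HTTP/1.1\r\nHost: 127.0.0.1:9999\r\nUpgrade: websocket\r\nConnection: Upgrade\r\n"
FROM_WEB_PAGE = BASE + b"Origin: https://example.com\r\n\r\n"
FROM_NATIVE = BASE + b"Authorization: Bearer constructed-sample-token\r\n\r\n"
NO_TOKEN = BASE + b"\r\n"

if __name__ == "__main__":
    for name, req in [("web page", FROM_WEB_PAGE), ("native", FROM_NATIVE), ("no token", NO_TOKEN)]:
        print(name, authorize_handshake(req, TOKEN))
```

The Origin check alone is not authentication, because a non-browser client can send any Origin it likes; the per-install secret is what ties a connection to the legitimate local client.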