Discovering a Bluetooth vulnerability that puts billions of devices at risk, Android and not

Although patches of security are sometimes confined to closing relatively dangerous flaws, their effectiveness returns to the fore in a new vulnerability, brought to light by researchers at Armis, a California security company.

Nadir Israel, CTO and co-founder, says the company has found a major vulnerability in Bluetooth connectivity  that puts billions of devices running Android, Linux, and Windows at risk. Even devices with iOS older than version 10 are not immune, while the Windows Phone results are protected.

In fact, since July, Windows PCs are safe, thanks to a patch distributed by Microsoft, though not all users may have installed it. As for AndroidGoogle has released a patch to smartphone manufacturers last month, which should be released today on Nexus and Pixels, since other users will have to wait for release from their respective manufacturers.

The vulnerability, called BluBorne, allows any attacker to connect within 10 meters to your device without the need to grant permission. In this way, by exploiting a flaw in the implementation of Bluetooth on Android, you can remotely run the code with unforeseeable consequences.

According to some researchers, the vulnerability is unlikely to be used for attacks on Android or Linux devices, pointing out that no such attacks have been reported in the case of WiFi Broadcom chips.

Tracy

Tracy

Always on the move… Love to blog, write about smartphones, technology and telecoms. I also like to snowboard, when I have the time :p I’ll be around for a while so, be prepared.

Leave a Response