Armis Labs has found a new bluetooth security vulnerabilities that could potentially affect eight plus billion devices. They named this vulnerability “BlueBorne” after bluetooth and the fact this problem is spread over the air. This security risk affects most bluetooth devices on Google Android, Microsoft Windows, MAC iOS, and Linux operating systems.
If your device has bluetooth it most likely is at risk, but not to fear monger. I will go over what patches have been released later in this blog post. Eight vulnerabilites with four being marked critical were found this past summer.
Malware can be spread via this vulnerability. Also, your data is at risk and this opens up the possibility your device will become compromised in other words hacked. All sorts of nefarious activities can occur.
An attacker does not even need to connect to your bluetooth device. Another problem is that this vulnerability is basically a virus. Each vulnerable device on a network can become infected.
Also, most operating systems give administrator or in the case of Linux root privileges. This makes this vulnerability extremely insecure. This BlueBorne vulnerability can potentially affect all bluetooth devices which have been estimated at over eight billion devices in two thousand seventeen.
What makes this type of attack so potent is that this type of an attack is called airborne. What this means is that this is not necessarily just an Internet exploit. As long as an attacker can see your device airborne, then they can potentially take control of your device.
Remember, an attacker does not need to pair to your device. Google issued a security patch in early September two thousand seventeen for their Android operating systems. In early July, Microsoft released a security update for all their operating systems.
This blueborne vulnerability has affected Microsoft Windows Vista, 7, 8, and 10. All linux devices running bluez and kernel 3.3-rc1 are vulnerable. All Apple devices running iOS 9.3.5 or older are vulnerable.
Apple released a patch in iOS 10 to mitigate this problem. Finally, what can you do to mitigate this airborne blueborne bluetooth security vulnerabilities?
If you are not certain if your device is patched or NOT, then do not enable bluetooth when not using this technology. Also, when it comes to iOS, make sure you upgrade to newest version of iOS possible. As a rule you should always install the newest version of an operating system and or newest security updates that are released.
Android phone operating system users can download a blueborne application, from the Google Play store that will detect whether or not your device or other devices around you are at security risk.