Critical Bluetooth Vulnerabilities Discovered

The BlueBorne Threat

By now, many people may have heard about the BlueBorne threat. BlueBorne is a potentially serious attack that takes advantage of a number of recently discovered Bluetooth vulnerabilities affecting more than 5.3 billion Bluetooth enabled wireless devices worldwide. Bluetooth devices can include smartphones, laptops, tablets, printers, and a myriad of other IoT (Internet of Things) devices.

BlueBorne can provide an attacker with full control over a compromised Bluetooth device without the device owner even being aware of it. As well, BlueBorne allows that attacker to jump from one Bluetooth device to other Bluetooth devices that are within range.

Included in the list of affected devices are Android and Apple smartphones. Apple has already provided a fix via iOS 10.x. Previous versions, however, are vulnerable and iPhone users are urged to upgrade to the latest version of iOS, regardless of the age of your device. Google is releasing patches for more recent versions of the Android operating system. Older versions including Gingerbread, Ice Cream Sandwich, Jelly Bean KitKat and Lollipop cannot be patched and, therefore, are vulnerable.

Android users can download a BlueBorne vulnerability scanner via the Google Apps Store to see if their phone is vulnerable.

As more information concerning the BlueBorne threat continues to emerge, it is ultimately up to the users of potentially affected devices to protect themselves. If unsure about the security of a particular device, the best practice is to turn off Bluetooth until that device can either be upgraded or replaced.

For more detailed information on BlueBorne, please refer to the following website:

https://www.armis.com/blueborne/#/general

Comments are closed.