BlueBorne Vulnerabilities Impact Over 5 Billion Bluetooth-Enabled Devices (iOS+PC+linux+Android)

[Elixer]

And 90% of those devices will never see a patch for them.

They affect the Bluetooth implementations in Android, iOS, Microsoft, and Linux, impacting almost all Bluetooth device types, from smartphones to laptops, and from IoT devices to smart cars.

Three of these eight security flaws are rated critical and according to researchers at Armis — the IoT security company that discovered BlueBorne — they allow attackers to take over devices and execute malicious code, or to run Man-in-the-Middle attacks and intercept Bluetooth communications.

Furthermore, the vulnerabilities can be concocted into a self-spreading BlueTooth worm that could wreak havoc inside a company's network or even across the world.

https://www.bleepingcomputer.com/ne...act-over-5-billion-bluetooth-enabled-devices/

 

[VirtualLarry]

I guess if you own shares in a BlueTooth business, SELL NOW.

 

[clamum]

Just was made of aware of this from a work email. Yikes, this seems like quite the vulnerability. It's good they worked with companies early to try and coordinate a response/fixes. Android and Windows have patches and iOS v10 and later are not affected. My phone apparently is still vulnerable cause the latest security patch from Verizon is the August Security Level. And nice that they received no reply from Samsung, and I have a Samsung smart TV.

Overview - Tech details - Demos of Vulnerability:
https://www.armis.com/blueborne/

 

[John Connor]

I've been using the App on my phone called Bluetooth Firewall. This should help prevent this from happening since I get an alert that something wants to connect to me and I need to allow it. Also, I only turn on Bluetooth when I use it. Which is not often and mostly at home.