Researchers say the latest Bluetooth hack could reach almost all devices, the most valuable being smartphones. Some manufacturers have released patches already, but many will have to wait.
The only way to be sure this doesn’t affect you is to turn off your bluetooth.
The main things to know are:
- Turning Bluetooth off is the only defence until your device is patched
- Even if you are already connected to another device, you are still vulnerable
- All Android phones, tablets, and wearables, apart from those using only Bluetooth Low Energy, are potentially vulnerable to the flaw. Google issued a patch to its partners on August 7
- All iPhone, iPad and iPod touch devices running iOS 9.3.5 or earlier, as well as AppleTV devices running version 7.2.2 or earlier are potentially vulnerable to the iOS remote code execution vulnerability. Devices running iOS 10 and later should not be affected.
- Linux devices running BlueZ are affected by the information leak flaw and those from version 3.3-rc1, released in October 2011, are affected by the remote code execution flaw. Among potentially vulnerable products are Samsung Gear S3 watches, Smart TVs, and Family Hub devices.
- Every Windows computer since Windows Vista is potentially vulnerable to the “Bluetooth Pineapple” flaw, which can be used to conduct a man-in-the-middle attack. Microsoft released a patch in July.
- The vulnerability has been in Bluetooth for 10 years
Here’s a video of the Bluetooth attack being performed.