Billions of devices imperiled by new clickless Bluetooth attack

Discuss whatever you want here--both QB and non-QB related. Anything from the DEF INT command to the meaning of life!

Moderators: Pete, Mods

Post Reply
User avatar
Posts: 2466
Joined: Mon Aug 21, 2006 12:40 am
Location: Pittsburgh, PA

Billions of devices imperiled by new clickless Bluetooth attack

Post by burger2227 »

Billions of devices imperiled by new clickless Bluetooth attack
BlueBorne, as the researchers have dubbed their attack, is notable for its unusual reach and effectiveness. Virtually any Android, Linux, or Windows device that hasn't been recently patched and has Bluetooth turned on can be compromised by an attacking device within 32 feet. It doesn't require device users to click on any links, connect to a rogue Bluetooth device, or take any other action, short of leaving Bluetooth on. The exploit process is generally very fast, requiring no more than 10 seconds to complete, and it works even when the targeted device is already connected to another Bluetooth-enabled device.

Microsoft patched the vulnerabilities in July during the company's regularly scheduled Patch Tuesday. Company officials, however, didn't disclose the patch or the underlying vulnerabilities at the time. A Microsoft representative said Windows Phone was never vulnerable. Google, meanwhile, provided device manufacturers with a patch last month. It plans to make the patch available starting today for users of the Pixel XL and other Google-branded phones, but if past security bulletins are any guide, it may take weeks before over-the-air fixes are available to all users. Izrael said he expects Linux maintainers to release a fix soon. Apple's iOS prior to version 10 was also vulnerable.
Please acknowledge and thank members who answer your questions!
QB64 is a FREE QBasic compiler for WIN, MAC(OSX) and LINUX :
Get my Q-Basics demonstrator: ...
Post Reply