06:51 10th Feb, 2020
Update Your Android Device to Fix This Bluetooth Bug
One way to lessen the risk is ensure that your phone is in non-discoverable mode when Bluetooth is on.
If you are using an older Android device running Android 8 or 9, you need to be careful of using Bluetooth. A bug was discovered by German IT cyber-security firm ERNW that allows anyone within range of a Bluetooth-enabled Android device to gain access to the device’s storage.
The vulnerability, tracked as CVE-2020-0022, affects devices running Android Oreo (8.0 and 8.1) and Pie (9.0). For these devices that account for almost two-thirds of Android devices in use, the flaw is rated critical by Google.
The consequences of this vulnerability can lead to the theft of personal information or the injection of malware into the smartphone. To make things worse, it can be exploited without user intervention, as long as Bluetooth is turned on, explains the the ENRW’s bug report.
All that the hacker needs is some extra details about the device—specifically its Bluetooth MAC address—before they can fully access the internal storage remotely, but as, that’s relatively easy to figure out. And once they’re in, an attacker could easily lift personal files and install malware or other spyware on the device without ever alerting the phone’s user.
The bug is much less of a problem for Android 10, where it cannot be exploited and leads ‘only’ to a crash of the Bluetooth daemon. Those versions of Android even older than 8.0 could also suffer from the Bluetooth vulnerability, but those versions have not been tested, the report said.
Users are strongly advised to install the latest available security patch from February 2020. Users can download and install the patch if it’s available for you via the standard Android system update process.
If you can’t install the February 2020 security update because your Android is too old, the next-best solution is to stop using Bluetooth. This makes it impossible for hackers to use the exploit against you, though it also disables your ability to use Bluetooth accessories.
The report mentions if you own a Google-branded smartphone such as Pixel, you’re in luck. By contrast, patching may not be as fast as desired for many other Android device owners, who need to wait for their phone manufacturers or carriers to roll out the updates. Worse, many devices may no longer be supported.
One way to lessen the risk is ensure that your phone is in non-discoverable mode when Bluetooth is on. Alternatively, enable Bluetooth only if necessary and remember to turn it off when not in use.
- Unbox Robotics, an early stage startup from the maiden cohort of Entrepreneur First, receives initial round of funding
- boAt audio ranked No.1 in India in the earwear category
- Kodak HD LED TV launches India’s most affordable Dolby vision Android certified 4K TVs
- Global debut of Redmi Note 9 Pro Max and Redmi Note 9 Pro in India
- POCO announces ‘Head for Red’ sale for Phoenix Red POCO X2
- Xiaomi India launches new Mi Dual Driver In-Ear Earphones
- Xiaomi to bring NavIC technology from ISRO to several smartphones in 2020
- Bobble celebrates 'Namaste Trump" with new GIFs, and Stickers
- Fujifilm unveils the new X100V camera with high performance and advanced functions along with two new XC 35mm F2 and GF 45-100mm F4 lens
- boAt audio launches new range of earphones & speakers at the recently concluded Lakmé Fashion Week