-
Team TechTree
06:51 10th Feb, 2020
Update Your Android Device to Fix This Bluetooth Bug | TechTree.com
Update Your Android Device to Fix This Bluetooth Bug
One way to lessen the risk is ensure that your phone is in non-discoverable mode when Bluetooth is on.
If you are using an older Android device running Android 8 or 9, you need to be careful of using Bluetooth. A bug was discovered by German IT cyber-security firm ERNW that allows anyone within range of a Bluetooth-enabled Android device to gain access to the device’s storage.
The vulnerability, tracked as CVE-2020-0022, affects devices running Android Oreo (8.0 and 8.1) and Pie (9.0). For these devices that account for almost two-thirds of Android devices in use, the flaw is rated critical by Google.
The consequences of this vulnerability can lead to the theft of personal information or the injection of malware into the smartphone. To make things worse, it can be exploited without user intervention, as long as Bluetooth is turned on, explains the the ENRW’s bug report.
All that the hacker needs is some extra details about the device—specifically its Bluetooth MAC address—before they can fully access the internal storage remotely, but as, that’s relatively easy to figure out. And once they’re in, an attacker could easily lift personal files and install malware or other spyware on the device without ever alerting the phone’s user.
The bug is much less of a problem for Android 10, where it cannot be exploited and leads ‘only’ to a crash of the Bluetooth daemon. Those versions of Android even older than 8.0 could also suffer from the Bluetooth vulnerability, but those versions have not been tested, the report said.
Users are strongly advised to install the latest available security patch from February 2020. Users can download and install the patch if it’s available for you via the standard Android system update process.
If you can’t install the February 2020 security update because your Android is too old, the next-best solution is to stop using Bluetooth. This makes it impossible for hackers to use the exploit against you, though it also disables your ability to use Bluetooth accessories.
The report mentions if you own a Google-branded smartphone such as Pixel, you’re in luck. By contrast, patching may not be as fast as desired for many other Android device owners, who need to wait for their phone manufacturers or carriers to roll out the updates. Worse, many devices may no longer be supported.
One way to lessen the risk is ensure that your phone is in non-discoverable mode when Bluetooth is on. Alternatively, enable Bluetooth only if necessary and remember to turn it off when not in use.
TAGS: Android, Bluetooth, Bugs, Android 8, cyber security, Cybersecurity, Android Oreo
News Corner
- DRIFE Begins Operations in Namma Bengaluru
- Sevenaire launches ‘NEPTUNE’ – 24W Portable Speaker with RGB LED Lights
- Inbase launches ‘Urban Q1 Pro’ TWS Earbuds with Smart Touch control in India
- Airtel announces Rs 6000 cashback on purchase of smartphones from leading brands
- 78% of Indians are saving to spend during the festive season and 72% will splurge on gadgets & electronics
- 5 Tips For Buying A TV This Festive Season
- Facebook launches its largest creator education program in India
- 5 educational tech toys for young and aspiring engineers
- Mid-range smartphones emerge as customer favourites this festive season, reveals Amazon survey
- COLORFUL Launches Onebot M24A1 AIO PC for Professionals
TECHTREE