[ad_1]
A new research paper revealed a bug in the Bluetooth protocol, which allows attackers to intercept and forge data over a wireless connection. Many hardware manufacturers are working to repair this serious flaw, affecting every chip manufactured by Intel, Broadcom and Qualcomm. People using Bluetooth technology to connect smartphones, computers, or other devices should make sure the patch is installed as soon as possible.
The Bluetooth protocol supports several factors that allow previously disconnected devices to configure a secret key for encrypted connections. The attack uses a newly developed version to exploit a major protocol flaw unknown for more than a decade, allowing attackers to force devices to use a generic cryptographic key allowing them to monitor and modify transmitted data. wireless.
Bluetooth devices from some vendors do not correctly check for encrypted key exchanges when Bluetooth devices attempt to associate with it, which causes many manufacturers to release hardware and software updates, including those running MacOS , iOS or Android.
The researchers said that Microsoft is using an older version of the Bluetooth standard that is less secure than the current imperfect standard, despite Microsoft's assertion that its systems are not directly affected. But the report says that many wireless chips for Windows 7, 8.1 and 10 are on the list of models concerned.
The CERT recently issued a note on this subject, and the information shows that both devices bad to control the success of the attacks, which means that as long as the user is corrected, l & # 39; the user will not be at risk, so people using Bluetooth technology to transfer data or control devices should ensure that patches are installed on at least one of these devices. BlueBorne, which exploded last year, has threatened millions of smart phones, laptops and home appliances and made them vulnerable to hacker control. The virus has touched almost every Bluetooth enabled devices and worked with Android, Microsoft, Samsung,
[ad_2]
Source link
