Clark Howard

Warning: Update your cell phone now to close a door hackers can use to get your info

One of the most convenient features many of us enjoy on our mobile devices is Bluetooth, which allows our electronics to connect and “talk” to other gadgets. Because these connections could constitute a network, it’s important that this wireless technology be as secure as possible.

Bluetooth vulnerability: Why you should update your phone now

A new encryption vulnerability threatens to allow our personal information to be stolen via Bluetooth. The flaw, discovered by researchers at the Israel Institute of Technology, is being publicized by the U.S. Computer Emergency Response Team (CERT), which is based in the Carnegie Mellon Software Engineering Institute.

An announcement from CERT says the Bluetooth security hole "may allow a remote attacker to obtain the encryption key used by the device."

The Bluetooth Special Interest Group (SIG), which oversees implementation of the technology, said users could be exposed to "a man-in-the-middle attack" if the perpetrator is "within wireless range of two vulnerable Bluetooth devices that were going through a pairing procedure."

As you can imagine, this issue likely affects you, me and millions of other people with cell phones and other gadgets. Even if you have the latest, greatest Bluetooth-enabled mobile phone powered by the titans of technology, Apple, Google, Intel, etc., it is vulnerable to this security flaw if you don’t take action.

Here’s how to make sure your Bluetooth is safe

Bluetooth SIG says it has updated its public key validations, "thereby providing a remedy to the vulnerability from a specification perspective." Now it's up to us: Have you updated your device lately?

This handy chart shows the vendors that are affected and the date your device should have been updated or is ready to update.

Vendor Status Date Notified Date Updated
Apple Affected 18 Jan 2018 23 Jul 2018
Broadcom Affected 18 Jan 2018 19 Jun 2018
Intel Affected 18 Jan 2018 23 Jul 2018
QUALCOMM Incorporated Affected 18 Jan 2018 06 Feb 2018
Microsoft Not Affected 06 Feb 2018 20 Jul 2018
Android Open Source Project Unknown 18 Jan 2018 18 Jan 2018
Bluetooth SIG Unknown 06 Feb 2018 06 Feb 2018
Google Unknown 19 Mar 2018 19 Mar 2018
Linux Kernel Unknown 05 Mar 2018 05 Mar 2018

Keep up to date with the latest cybersecurity news and more at Clark.com. Subscribe to our newsletter and follow us on Twitter and Facebook!

More Clark.com stories you may like: 

0