Android February Security Patch Fixes Critical Bluetooth Vulnerability
A security flaw has been found in Android that allows attackers to access a phone via Bluetooth with no user interaction required. Android's most recent monthly security update, released on February 3rd, fixes the flaw. The vulnerability is rated "critical" — the highest rating — for Android versions 8 and 9. In Android 10, the same bug allows a remote attacker to crash the Bluetooth system, but does not present the same security vulnerability. Attackers must be within Bluetooth range (typically around 30 feet) to exploit the flaw. Users can ensure they're not vulnerable by turning off Bluetooth until their phone receives the February update. There are ways to continue using Bluetooth in public while making it difficult to exploit the flaw. Attackers need to know your Bluetooth MAC address (device ID). This can be obtained in two ways: The first is if your phone is in Bluetooth "discoverable" (pairing) mode. Also, on some devices, the Bluetooth MAC address can be deduced from the Wi-Fi MAC address. Therefore users with a non-updated Android phone who are concerned about the issue should avoid pairing new Bluetooth devices while near any public areas, and keep Wi-Fi turned off on their phone.
Nov 6, 2017
Google today made its monthly security update available to its branded Android devices. November's patch plugs a handful of security holes that threaten Android devices.
Feb 5, 2018
Google today made the February security patch available to its Nexus and Pixel devices. First and foremost, the patch closes a number of security holes in the code that left all the handsets vulnerable to certain types of attacks.
Jan 19, 2018
Google has sent a fresh security patch to the Pixel 2 and Pixel 2 XL handsets. Google says the update "fixes critical bugs and improves the performance and stability" of the Pixel smartphones.
Sep 28, 2018
Facebook today revealed that its system was breached on September 25 by hackers and the details of some 50 million people may have been exposed. Facebook said it is taking the matter "incredibly seriously" and is being transparent in providing information as it investigates the breach.