About the security content of AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8 – Apple Support

October 15, 2024 at 02:09PM An authentication vulnerability (CVE-2024-27867) in certain AirPods and Beats models allows attackers within Bluetooth range to spoof connections to headphones. A firmware update addressing this issue is available for AirPods (2nd generation and later), AirPods Pro, AirPods Max, Powerbeats Pro, and Beats Fit Pro, effective June 25, 2024. … Read more

Apple Patches Major Security Flaws with iOS 18 Refresh

September 16, 2024 at 03:45PM Apple’s iOS 18 refresh addresses at least 33 security vulnerabilities, securing iPhones and iPads from malicious attacks. Fixes encompass core components like accessibility, Bluetooth, Control Center, and Wi-Fi, preventing unauthorized access to sensitive data or device control. Additionally, macOS Sequoia 15 was launched with a significant number of security patches … Read more

Apple Patches Keystroke Injection Vulnerability in Magic Keyboard

January 12, 2024 at 06:15AM Apple announced a firmware update for the Magic Keyboard to fix a Bluetooth vulnerability disclosed by a SkySafe engineer. The vulnerability could allow attackers to inject keystrokes without authentication. The update, version 2.0.6, is being rolled out and reportedly mitigates the attack. Users can check for the update in their system … Read more

Apple and some Linux distros are open to Bluetooth attack

December 6, 2023 at 03:57PM A Bluetooth vulnerability, CVE-2023-45866, allows unauthorized keystroke injection into Apple, Android, and Linux devices, enabling attackers to execute commands remotely. Marc Newlin discovered and reported the bug, which can be exploited from Linux using standard hardware. Fixes are available for newer Android versions and ChromeOS, but not all systems are … Read more

Critical Bluetooth Flaw Exposes Android, Apple & Linux Devices to Takeover

December 6, 2023 at 12:18PM A critical Bluetooth vulnerability, CVE-2023-45866, enabling keystroke injection on macOS, iOS, Android, and Linux, allows attackers to remotely perform actions on devices without user confirmation. Discovered by Marc Newlin, who will release proof-of-concept exploits, it affects multiple platforms with varying levels of exposure. Patches are available for some, but not … Read more