https://safirsoft.com New BrakTooth Bluetooth vulnerabilities affect billions of devices worldwide

Why it matters: Over the past two years, we've written about several Bluetooth security flaws that reflect the magical fragility that allows us to pair devices wirelessly. Security researchers have recently discovered a new set of vulnerabilities that can control billions of devices that are damaged, frozen, or completely controlled, but this time it's not about the Bluetooth standard itself. Rather, it is the result of a poorly implemented device operating system that may or may not be fixed in the near future.

Security researchers at the Singapore University of Technology and Design recently published a report on a new set of vulnerabilities in the Bluetooth suite of several commercial products. A total of 16 flaws are called "BrakTooth" and create a vast array of billions of devices around the world that divide popular vendors such as Intel, Infineon (Cypress), Silicon Labs, Qualcomm, and others. It has a place in itself. More than 1,400 devices are known to have one or more defects, including Microsoft's Surface Book 3, Surface Laptop 3, Surface Pro 7, Surface Go 2, Dell Optiplex desktops and Alienware laptops. Lots of Asus and HP ultrabooks as well as phones like Xperia XZ2, Oppo Reno 5G and Pocophone F1. IoT systems based on Qualcomm ESP32 Espressif systems, CSR8811 chipsets, a variety of wireless computer and telephone accessories, smart home appliances and in-car entertainment systems are also affected.

Researchers are concerned that some vendors may not want to address all of these issues exactly, which will certainly be difficult. However, the impact varies from device to device, with CVE-2021-28139 being the worst vulnerability because it allows an attacker to execute arbitrary code on the target device. Some devices are only vulnerable to denial of service attacks that corrupt the chipset operating system, or may hit a deadlock that disables the Bluetooth connection. However, a simple restart can usually fix this problem. Devices around the world ">

To be clear, 16 flaws do not affect the Bluetooth standard itself, but rather affect various applications made by chip vendors. Some defective devices are on the way, and researchers have postponed the release of confirmed violations until Next month For an in-depth study on BrakTooth and patch progress, be sure to check out the dedicated website.

There isn't much you can do about how to minimize issues, except to turn off Bluetooth when it's not in use and doesn't provide any Security updates for your devices.

New BrakTooth Bluetooth vulnerabilities affect billions of devices worldwide
new-braktooth-bluetooth-vulnerabilities-affect-billions-of.html

https://safirsoft.com Some popular iPhone apps and games can still track you even if you opt out

Some popular iPhone apps and games can still track you even if you opt out

Facepalm: A study finds that some iOS app developers have found a new way to track users between apps, even after dropping the new app tracking transp...
https://safirsoft.com Most people still use passwords on multiple sites

Most people still use passwords on multiple sites

Why it matters: Do you, like many people, reuse passwords on multiple sites and services? Needless to say, such a procedure is not a good idea. This i...
https://safirsoft.com Do you own one of these 11 Netgear routers? If so, fix it immediately

Do you own one of these 11 Netgear routers? If so, fix it immediately

Netgear released an operating system update for nearly a dozen routers after learning of a vulnerability that could be used to execute remote code. Ev...
https://safirsoft.com Millions of AMD PCs with new CPU failures should be patched ASAP

Millions of AMD PCs with new CPU failures should be patched ASAP

After discovering several security flaws in Intel's System Protection System (SGX), security researchers have now identified a flaw in the AMD Platfor...
https://safirsoft.com Free REvil Ransomware Decoder Released for Previous Victims

Free REvil Ransomware Decoder Released for Previous Victims

What happened? This week, security firm Bitdefender, in conjunction with law enforcement, released a free program to help victims of REvil - the ranso...
https://safirsoft.com Apple releases emergency updates to fix the bug that allows highly aggressive spyware to infect its products without any infection

Apple releases emergency updates to fix the bug that allows highly aggressive spyware to infect its products without any infection

PSA: If you own an Apple device, you may have noticed an unscheduled update notification today. You may want to make these updates as soon as possible...