Become a MacRumors Supporter for $25/year with no ads, private forums, and more!

MacRumors

macrumors bot
Original poster
Apr 12, 2001
55,023
17,400



BluetoothIconX.jpg
A newly discovered Bluetooth vulnerability that was published this week by Intel has the potential to allow a nearby hacker to gain unauthorized access to a device, intercepting traffic and sending forged pairing messages between two vulnerable Bluetooth devices.

The vulnerability affects Bluetooth implementations and operating system drivers of Apple, Broadcom, Intel, and Qualcomm.

From Intel's explanation:
A vulnerability in Bluetooth(R) pairing potentially allows an attacker with physical proximity (within 30 meters) to gain unauthorized access via an adjacent network, intercept traffic and send forged pairing messages between two vulnerable Bluetooth(R) devices. This may result in information disclosure, elevation of privilege and/or denial of service.
As BleepingComputer explains, Bluetooth-capable devices are not sufficiently validating encryption parameters in "secure" Bluetooth connections, leading to a weak pairing that can be exploited by an attacker to obtain data sent between two devices.

According to the Bluetooth Special Interest Group (SIG) it's not likely many users were impacted by the vulnerability.
For an attack to be successful, an attacking device would need to be within wireless range of two vulnerable Bluetooth devices that were going through a pairing procedure. The attacking device would need to intercept the public key exchange by blocking each transmission, sending an acknowledgment to the sending device, and then injecting the malicious packet to the receiving device within a narrow time window. If only one device had the vulnerability, the attack would not be successful.
Both Bluetooth and Bluetooth LE are affected. Apple has already introduced a fix for the bug on its devices (in macOS High Sierra 10.13.5/10.13.6, iOS 11.4, tvOS 11.4, and watchOS 4.3.1), so iOS and Mac users do not need to worry. Intel, Broadcom, and Qualcomm have also introduced fixes, while Microsoft says its devices are not affected.

Article Link: Bluetooth Security Vulnerability Discovered, but Apple's Fix is Already in Place
 

ArtOfWarfare

macrumors G3
Nov 26, 2007
9,343
5,552
I wonder if the Tesla Model 3 is vulnerable? I think not... I think the car is looking for an actual password or token to be received via bluetooth. Simply connecting isn't enough.
 

fairuz

macrumors 68020
Aug 27, 2017
2,486
2,589
Silicon Valley
Yo, maybe we can exploit this instead of fixing it. That way I can finally forcibly auto-pair my stuff instead of going through the painful pairing process manually!

Jokes aside, this is yet another reason I keep Bluetooth disabled forever (the other big one being that it's a PitA). It's like Adobe Flash, a new vulnerability every few months.
[doublepost=1532463234][/doublepost]
Only High Sierra? Did the Sierra security update fix this?
HS, Sierra, and El Cap are patched: https://support.apple.com/en-us/HT208937
Edit: Not actually sure cause the Bluetooth subsection says something different.
 
Last edited:

noraa

macrumors 6502
Jun 23, 2003
408
914
Why are Microsoft devices not affected? :oops:

Where are you reading that Microsoft products aren't affected? If you click on the first link in the article, it takes you to Intel's research notes on the vulnerability - Windows is listed as the first OS on how to fix the issue.

The vulnerability isn't in the OS, it's in the driver's. Apple produces their own drivers (for the most part), whereas Microsoft/Windows relies on 3rd party drivers from the device manufacturer Thus you wouldn't say Windows is vulnerable, but various Bluetooth devices and drivers are vulnerable on Windows.
 

macintoshmac

macrumors 603
May 13, 2010
5,800
6,511
Where are you reading that Microsoft products aren't affected? If you click on the first link in the article, it takes you to Intel's research notes on the vulnerability - Windows is listed as the first OS on how to fix the issue.

The vulnerability isn't in the OS, it's in the driver's. Apple produces their own drivers (for the most part), whereas Microsoft/Windows relies on 3rd party drivers from the device manufacturer Thus you wouldn't say Windows is vulnerable, but various Bluetooth devices and drivers are vulnerable on Windows.

Because they are, if you had read the original article carefully.



I'm sure all Android manufactures are going to release security fixes for this problem for all their phones released in the past 6 years.

Didn’t read the link, but the front page post clearly states “Microsoft says it’s devices are not effected.”

Exactly that - the MacRumors article says clearly that Microsoft stated its devices are not affected. I did not misread anything. :)
 
  • Like
Reactions: rhoydotp

noraa

macrumors 6502
Jun 23, 2003
408
914
Exactly that - the MacRumors article says clearly that Microsoft stated its devices are not affected. I did not misread anything. :)

Ahhh, you're right. I must’ve skipped over the last sentence.

With that being said, I think that sentence is a bit misleading. My guess is that we’re talking about Microsoft hardware products (i.e. their Surface looks be), which may be using different Bluetooth chips or have a custom driver. Windows itself is still “vulnerable” in the sense that if the Bluetooth driver has the flaw, there isn’t anything Windows can actively do to prevent the issue - the driver would need to be updated.
 
  • Like
Reactions: macintoshmac

fairuz

macrumors 68020
Aug 27, 2017
2,486
2,589
Silicon Valley
Where are you reading that Microsoft products aren't affected? If you click on the first link in the article, it takes you to Intel's research notes on the vulnerability - Windows is listed as the first OS on how to fix the issue.

The vulnerability isn't in the OS, it's in the driver's. Apple produces their own drivers (for the most part), whereas Microsoft/Windows relies on 3rd party drivers from the device manufacturer Thus you wouldn't say Windows is vulnerable, but various Bluetooth devices and drivers are vulnerable on Windows.
Says at the bottom of the MR article, Microsoft's devices aren't affected. MS's devices are just the Surface and Windows Phones. Windows isn't a device.

Edit: D'oh, this has already been said above.
 

OldSchoolMacGuy

Suspended
Jul 10, 2008
4,197
9,050
Really not that big of a deal even if you can't patch it. So someone within 30ft of you using your Bluetooth mouse would be able to get the cursor movement details or listen in on your music. Oh NO!
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.