Google Fixes No-User-Interaction Bug In Android's Bluetooth Component

An anonymous reader quotes a report from ZDNet: Google has patched this week a critical security flaw in Android's Bluetooth component. If left unpatched, the vulnerability can be exploited without any user interaction and can even be used to create self-spreading Bluetooth worms. Researchers said that exploiting the bug requires no user interaction. All that is required is that the user has Bluetooth enabled on his device. However, while this requirement would have limited the attack surface in past years, it does not today since modern Android OS versions ship with Bluetooth enabled by default and many Android users use Bluetooth-based headphones meaning the Bluetooth service is likely to be enabled on many handsets. The bug can lead to remote code execution and the hijacking of a device. Fixes for the bug are available via the Android February 2020 Security Bulletin, which has been available for download starting this week. Android 9 and earlier are impacted.

Read more of this story at Slashdot.

from Slashdot https://ift.tt/2H2lb0f

Share on FacebookPlus on Google+

SUBSCRIBE TO OUR NEWSLETTER