Apple fixes Bluetooth security flaw that affected iPhone and Mac | Security

A vulnerability in the Bluetooth function discovered by Intel could endanger non-upgraded Apple devices. The problem, released last week, opens the way for hackers to intercept user data and pair devices between devices without the owner's consent. The bug has already been fixed by Apple, but requires downloading the latest version of the operating system. The solution for the flaw was released for Mac (macOS High Sierra 10.13.5 and 10.13.6), iPhone (iOS 11.4), Apple TV (tvOS 11.4) and Apple Watch (watchOS 4.3.1).

READ: Thirteen curiosities about Apple that you probably didn't know

iPhone and other Apple devices need to be updated to fix security bug Photo: Luciana Maline / dnetciPhone and other Apple devices need to be updated to fix security bug Photo: Luciana Maline / dnetc

iPhone and other Apple devices need to be updated to fix security bug Photo: Luciana Maline / dnetc

Hackers can exploit a weakness in the Bluetooth pairing mechanism on the affected devices. According to the researchers who discovered the flaw, the cause lies in the implementation of wireless connectivity technology in drivers that run on computers and cell phones. At the time of pairing, some parameters would not be being checked consistently to ensure adequate security.

As a result, the connection between two devices would become fragile enough for hackers to invade. In practice, criminals can take advantage of the bug to steal trafficked data. However, the possibilities of criminal action can be rare. According to SIG (Bluetooth Special Interest Group), the entity that supervises Bluetooth standards, the hacker must be close to two vulnerable devices at the time of pairing to have the chance to attack.

To protect themselves, Apple device users must update the manufacturer's iPhone, Mac and other devices.

Intel, Broadcom and Qualcomm

The breach in Bluetooth technology also affects devices that have controllers manufactured by Intel, Broadcom and Qualcomm. The three companies also released corrections. Microsoft, whose Windows system runs on machines using components made by hardware manufacturers, said its products were not affected by the problem. It is not yet known whether devices that use Linux as a base, such as Android, are vulnerable.

Has iOS 11 improved or is it still bad? Ask questions in the dnetc forum.

How to update iOS on iPhone and iPad

How to update iOS on iPhone and iPad