Advertisement
Eight zero-day vulnerabilities affecting the Android, Windows, Linux and iOS implementations of Bluetooth can be exploited by attackers to extract information from, execute malicious code on, or perform a MitM attack against vulnerable devices.
The vulnerabilities, collectively dubbed BlueBorne by the researchers who discovered them, can be exploited without users having to click on a link or download a questionable file – in fact, no action by the user is required to perform the attack. Also, attacks exploiting them spread through the air, so it’s difficult to detect them and are highly contagious. Users will also not be able to detect whether they are being hit with a BlueBorne attack.