Update Android to Fix Serious Bluetooth Error
Anyone with an older Android device running Android 8 or 9 should use Bluetooth with caution. Cybersecurity firm ERNW has discovered a bug that allows anyone within reach of a Bluetooth-enabled Android device to access the device’s storage.
A hacker needs to know some additional information about the device, specifically its Bluetooth MAC address, before he can get full remote access to the internal memory, but as explained in the ENRW bug report , this is relatively easy to figure out. And once they are inside, an attacker can easily hijack personal files and install malware or other spyware on a device without even alerting the phone user.
The February 2020 Android Security Patch includes a fix for this bug, so you should download and install the fix if it’s available to you through the standard Android system update process .
The ENRW bug report also notes that Android versions even older than 8.0 may also suffer from the Bluetooth vulnerability, but these versions have not been tested. The bug also exists in Android 10, but it cannot be exploited, so there is no risk here (although Android 10 users should still install the security update as it includes other fixes).
If you are unable to install the February 2020 security update because your Android is too old, the next best solution is to stop using Bluetooth. This prevents hackers from using the exploit against you, but it also prevents you from using Bluetooth accessories. (Hopefully your device still has a 3.5mm headphone jack.)
If not, consider turning off Bluetooth discoverability on your device – if possible – or take a mental note to turn off Bluetooth via the status bar, or what you see when you swipe down from the top of the screen when you take it. do not use.