Reports have come in from specialists at CERT, indicating that a wide range of Bluetooth-enabled devices have a serious security vulnerability and it’s not limited to just smartphones either; even Desktop PCs, tablets and other devices need to apply a fix ASAP.
The issue resides within the data encryption process when information is transferred from one device to another. There’s a missing check in the keys (Diffie-Hellman key exchange), so a hacker who’s within Bluetooth range can intercept basically all the data that’s being transferred. That includes not only notifications but also security codes for two-factor authentication.
All devices that use Qualcomm, Intel or Broadcom chips are vulnerable. But there’s good news and some bad news. The good news is that users who have applied the security patch since June are in the clear but those who haven’t need to be more cautious and install the latest software update as soon as it becomes available.