Apple Fixed the Bluetooth Flaw Leaking AirPods Conversations

In an advisory issued late last week, Apple announced a firmware update for AirPods that fixes a Bluetooth security flaw that had been troubling users and experts alike. Tracked as CVE-2024-27867, the flaw puts many Apple and Beats headphone models at risk: AirPods of the 2nd generation and later, AirPods Pro, AirPods Max, Powerbeats Pro, and Beats Fit Pro.

The vulnerability can allow an attacker within Bluetooth range to gain access to the headphones and eavesdrop on private conversations. According to Apple's advisory, the flaw occurs when the headphones are seeking a connection to one of their previously paired devices: an attacker in close range could spoof the intended source device and gain access to the headphones. Such exposure could result in serious privacy breaches, especially when sensitive conversations or data are relayed through these devices.

Apple addressed the vulnerability with improved state management, delivered through firmware updates. The bug was discovered and reported by security researcher Jonas Dreßler. The patch has been released in AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8. The fix reflects the company's stated commitment to the security and integrity of its products and to protecting users' privacy from emerging threats.

This latest update follows hot on the heels of another significant Apple security update, which addressed multiple vulnerabilities in its vision platform. Of particular note is CVE-2024-27812, a WebKit logic issue discovered by Ryan Pickren that could allow an attacker to cause a denial of service (DoS) during the handling of web content. This vulnerability has been mitigated through improved file handling.

Even more interesting, Pickren called his finding the “world’s first spatial computing hack,” which could be weaponized to bypass security warnings and even swamp a user’s space with an infinite number of animated 3D objects, all without any action on the part of the user. The technique abuses a flaw in the permissions model of Apple's ARKit Quick Look feature, allowing the 3D objects to persist even after the user leaves the Safari browser. This underscores one of the most significant gaps in application interaction on Apple devices: the boundary between applications that handle 3D content.
