BlueBorne Vulnerability Scanner by Armis is a free application for Android devices that checks whether the device is vulnerable to BlueBorne.
BlueBorne is an attack vector that attacks devices via Bluetooth. Any device with Bluetooth may be vulnerable to attacks that are carried out over the air. The researchers state that the attack affects mobile, desktop and Internet of Things operating systems including Android, iOS, Windows and Linux.
Hackers may exploit these vulnerabilities to take control off devices via BlueTooth connections. What makes BlueBorne particularly worrying is the fact that it does not require that devices are paired, and that the Bluetooth processes run with high privileges on operating systems.
BlueBorne allows attackers to take control of devices, access corporate data and networks, penetrate secure “air-gapped” networks, and spread malware laterally to adjacent devices.
Armis discovered eight vulnerabilities of which it classified four as critical. The main question for users is whether their devices are vulnerable, and that is what BlueBorne Vulnerability Scanner reveals.
The application for Android is a simple program: install it, fire it up, and hit the scan button to have the device scanned for vulnerabilities.
The scan takes a few seconds to complete, and you are informed whether the device is vulnerable or not in the end.
If found vulnerable, the app suggests to check with the device manufacturer to find out if updates have been released already that patch the vulnerabilities.
Users who discover that this is not the case may want to turn off Bluetooth for the time being as it is probably the only option to protect the device from attacks targeting the vulnerabilities.
The other option that the device supports is to run a scan for devices in the vicinity to find out whether they are potentially vulnerable to the attack as well.
Google released security patches for Android devices to its partners in early August of 2017. The vulnerabilities that affect Android are patched in the September 9th, 2017 security patch level for Android.
Microsoft released security updates in July 2017; Windows users who have not downloaded the patches yet and are using Bluetooth should download and install the patch to protect their devices against attacks.
Additional information on BlueBorne is available on the Armis website.
Now you: are your devices vulnerable?
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.