OWNERS of Android smartphones and tablets should use Bluetooth with care at the moment as a security vulnerability means that an attacker could use it to steal personal data or inject malware.
The vulnerability is called CVE-2020-0022 and could allow an attacker to exploit Bluetooth to execute arbitrary code on devices running Android 8 (Oreo) or 9 (Pie). Devices with Android 10 are not affected.
If your device has Android 8 or 9 you should check under settings that the latest security update has been installed.
If you see the dates 2020-02-01 or 2020-02-05 for your last update, then your device is safe.
Users can’t manually install security patches with Android – they have to wait until the device manufacturer sends a system update, reports dpa.
If you haven’t got the security patch that plugs this gap, it’s recommended that you only enable Bluetooth when it’s strictly necessary. Most Bluetooth-enabled headphones can also be used with a cable.
The experts also recommend that you keep your device non-discoverable if possible. That means that third-party devices can’t find your smartphone or tablet even when Bluetooth is turned on.