Select Bluetooth devices are no longer allowed to pair with Windows computers after installing the June 2019 security updates.
Microsoft revealed in an advisory that it decided to block the pairing of devices using Bluetooth Low Energy (BLE) keys because of a security flaw that could allow an attacker to intercept pairing keys.
“Microsoft is aware of an issue that affects the Bluetooth Low Energy (BLE) version of FIDO Security Keys. Due to a misconfiguration in the Bluetooth pairing protocols, it is possible for an attacker who is physically close to a user at the moment he/she uses the security key to communicate with the security key, or communicate with the device to which the key is paired,” it says.
In other words, because of a bug in the Bluetooth pairing protocols, an attacker can intercept the pairing codes and then connect to the target device without authorization. From this point on, it’s up to the attacker to decide how much damage they want to do on the compromised system.
Microsoft notes that any device that uses well-known keys to encrypt connections might be disabled, and the company provides some resources for users whose devices might be impacted.
First and foremost, the following updates are said to be blocking the pairing of insecure devices:
· KB4503293 or later LCU for Windows 10, version 1903.
· KB4503327 or later LCU for Windows 10, version 1809 and Windows Server 2019.
· KB4503286 or later LCU for Windows 10, version 1803.
· KB4503284 or later LCU for Windows 10, version 1709.
· KB4503279 or later LCU for Windows 10, version 1703.
· KB4503267 or later LCU for Windows 10, version 1607 and Windows Server 2016.
· KB4503291 or later LCU for Windows 10, version 1507.
· KB4503276 or later Monthly Rollup for Windows 8.1 and Windows Server 2012 R2.
· KB4503285 or later Monthly Rollup for Windows Server 2012 and Windows Embedded 8 Standard.
· KB4503290 for Windows 8.1 and Windows Server 2012 R2.
· KB4503263 for Windows Server 2012 and Windows Embedded 8 Standard.
You should first determine whether your device is affected. To do this, check the Event Log by launching the Event Viewer:
Start menu > type Event Viewer > Run as administrator
The event to look for has the following details:
Event Log: System
Event Source: BTHUSB or BTHMINI
Event ID: 22
Name: BTHPORT_DEBUG_LINK_KEY_NOT_ALLOWED
Level: Error
Event Message Text: Your Bluetooth device attempted to establish a debug connection. The Windows Bluetooth stack does not allow debug connection while it is not in the debug mode.
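The same check can be scripted instead of clicked through in Event Viewer. The following is an added example, not code from Microsoft's advisory; the function name `Find-BlockedBluetoothPairing` and its `-ComputerName` and `-DaysBack` parameters are hypothetical, while the log, sources and Event ID come from the details above.

```powershell
# Added example: list blocked Bluetooth pairings (System log, Event ID 22,
# source BTHUSB or BTHMINI). Function and parameter names are hypothetical.
function Find-BlockedBluetoothPairing {
    [CmdletBinding()]
    param(
        [string[]]$ComputerName = @($env:COMPUTERNAME),  # hosts to check
        [int]$DaysBack = 30                               # look-back window
    )

    $sources = 'BTHUSB', 'BTHMINI'
    # Filter on log, ID and time only; the source is matched afterwards so a
    # host without one of the two Bluetooth providers does not raise an error.
    $filter = @{
        LogName   = 'System'
        Id        = 22
        StartTime = (Get-Date).AddDays(-$DaysBack)
    }

    foreach ($computer in $ComputerName) {
        $query = @{ FilterHashtable = $filter; ErrorAction = 'Stop' }
        if ($computer -ne $env:COMPUTERNAME) { $query.ComputerName = $computer }

        try {
            $events = Get-WinEvent @query
        }
        catch {
            # Get-WinEvent reports "no matching events" as an error; that is a clean result.
            if ($_.FullyQualifiedErrorId -like 'NoMatchingEventsFound*') { $events = @() }
            else { Write-Warning "${computer}: $($_.Exception.Message)"; continue }
        }

        # Other components also log ID 22 in System, so keep only the Bluetooth sources.
        $events |
            Where-Object { $_.ProviderName -in $sources } |
            Select-Object @{ n = 'Computer'; e = { $computer } },
                          TimeCreated, ProviderName, Id, LevelDisplayName, Message
    }
}

# No output means no blocked pairing attempt was logged in the window.
Find-BlockedBluetoothPairing -DaysBack 30 |
    Sort-Object TimeCreated -Descending |
    Format-List
```

Run it from an elevated PowerShell session; querying other hosts with `-ComputerName` requires remote event log access to be permitted on them.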
· Check the manufacturer website for your Bluetooth device to see if software updates are available
· Uninstall the latest security updates to continue using the Bluetooth device (not recommended given security issues are involved)
· Wait for additional options to be resolved and in the meantime avoid using the device
At this point, it’s not known how many Bluetooth devices are impacted, but given that the bug affects all the latest versions of Windows, including all Windows 10 releases so far (May 2019 Update is also on the list), blocking the pairing could help protect a significant number of users.