Key Takeaways:
Apple has released a new firmware update for several of its audio products, including the AirPods Pro, AirPods Pro 2, AirPods Max, second and third-generation AirPods, the Beats Fit Pro, and the PowerBeats Pro.
While there were not many details on the features included in the new update, the company said it was for “bug fixes and other improvements”.
Latest Firmware Update for AirPods Fixes Critical Bug That Could Have Allowed Hackers to Listen to Conversations
However, reports suggest that there was a major security bug affecting the devices, which could have allowed a malicious actor to gain access to the headphones and eavesdrop on conversations. Apple’s quick thinking has saved itself from an apparent catastrophe.
On Tuesday, Apple issued a separate support document where it said that when the AirPods are seeking a request to connect to one of the user’s previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to the headphones.
The bug has since been patched as part of the AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8. Apple generally doesn’t offer updates to the AirPods software, but new firmware is installed over the air when it is connected to an iPhone or Mac.
Apple Saves VisionPro From “World’s First Spatial Computing Hack”
The patch comes just two weeks after Apple rolled out updates for the VisionOS to clear out 21 shortcomings, which included seven flaws in the WebKit browser engine. One issue with the mixed-reality headset was a logic flaw that resulted in the device prompting a denial-of-service (DNS) when processing web content.
The vulnerability was described by security researchers as the “world’s first spatial computing hack” that could be weaponized to bypass all warnings and forcefully fill the user’s field of view with an “arbitrary number of animated 3D objects”.
The issue takes advantage of Apple’s failure to apply permissions when using the ARKit Quick Look feature to spawn 3D objects from Safari in a VisionPro user’s room. What makes the issue worse is that these animated objects continue to persist even after the user exits the Safari browser. This is because the objects are handled by a separate application on the headset.
How to Update Your AirPods, AirPods Max, and Beats to the Latest Firmware?
Apple usually mentions when a security issue has been exploited by attackers, but in both these cases, the company hasn’t informed whether that has been the case and neither were there reports of any breach.
However, it is still important to update the firmware of your Apple and Beats headphones as bad actors may try to exploit it. To update your headphones, place them in their case, connect them to a power source, and then pair them with your iOS, iPadOS, or macOS device.
If you are a Beats Fit Pro or PowerBeats Pro user with an Android Phone, then you can manually update the firmware through the Beats app for Android.
You can check whether your AirPods are updated on the iPhone or iPad by following these steps:
- Connect the AirPods to your iOS device
- Open Settings
- Tap on Bluetooth
- Find your AirPods from the list of devices
- Tap on the info button next to its name
- Tap About
- Verify the firmware version of your AirPods
Related news: Apple Unveils iOS 18: Apple Intelligence, Upgraded Siri, Password App, And More
