Apparently, the flaw CVE-2019-2102 is related to the connections that take place over the Bluetooth Low Energy or BT LE protocol. This means that attackers within close proximity of a Bluetooth LE connection could remotely send arbitrary keystrokes without the knowledge of the user. “You may experience issues pairing, connecting or using certain Bluetooth devices after installing security updates released June 11, 2019. These security updates address a security vulnerability by intentionally preventing connections from Windows to unsecure Bluetooth devices. Any device using well-known keys to encrypt connections may be affected, including certain security fobs,” Microsoft wrote in its support document, which was first spotted by Windows Latest. If you want to find out if your Bluetooth device is affected by this issue, you can check the ‘Event log’ and look for an error message that says, “Your Bluetooth device attempted to establish a debug connection. The Windows Bluetooth stack does not allow debug connection while it is not in the debug mode.” To avoid facing this issue, you could also update your Bluetooth devices. Additionally, Microsoft says “if you experience issues pairing, connecting or using Bluetooth devices after installing any of the affected security updates, please contact the manufacturer of your Bluetooth device to determine if a device update exits.” The Windows versions that are affected by the Bluetooth issue are: Windows 10 version 1903, Windows 10 version 1809, all versions of Windows Server 2019, Windows 10 version 1803, Windows 10 version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows Server 2016, Windows 10 version 1507 , Windows 8.1, Windows Server 2012 R2, Windows Server 2012, and Windows Embedded 8 Standard. Source: Microsoft
