News

Apple Releases Important New Magic Keyboard Firmware Update, Fixes Bluetooth Security Issue

Apple has released a new Magic Keyboard firmware, version 2.0.6. The update includes a fix for a Bluetooth-related security vulnerability.

“An attacker with physical access to the accessory may be able to extract its Bluetooth pairing key and monitor Bluetooth traffic,” an Apple support document says.

The firmware update is compatible with multiple Magic Keyboard models for the Mac, including the standard Magic Keyboard, Magic Keyboard with Numeric Keypad, Magic Keyboard with Touch ID, and Magic Keyboard with Touch ID and Numeric Keypad.

The update doesn’t require any effort on your part, as Magic Keyboard updates are performed automatically while the keyboard is paired to a device running macOS, iOS, iPadOS, or tvOS. There is no way to manually apply an update.

If you’ve been using your Mac and its Magic Keyboard this week, it’s likely that the update has already been installed. To check a Magic Keyboard’s firmware version on a Mac, open the System Settings app, click “Bluetooth,” and then click on the info button next to your keyboards name.

Apple’s explanation of the security risk:

Bluetooth

Available for: Magic Keyboard; Magic Keyboard (2021); Magic Keyboard with Numeric Keypad; Magic Keyboard with Touch ID; and Magic Keyboard with Touch ID and Numeric Keypad

Impact: An attacker with physical access to the accessory may be able to extract its Bluetooth pairing key and monitor Bluetooth traffic

Description: A session management issue was addressed with improved checks.

CVE-2024-0230: Marc Newlin of SkySafe

Chris Hauk

Chris is a Senior Editor at Mactrast. He lives somewhere in the deep Southern part of America, and yes, he has to pump in both sunshine and the Internet.