Fire Stick streamers across the United Kingdom have been warned that they should check for potential updates, as older software versions could be open to horrific cyber attacks from internet fraudsters.
The warning has been issued by the team at Bitdefender, who discovered a number of loopholes and vulnerabilities which could impact device security.
One of the known flaws is so serious that it could result in attackers gaining complete remote control of a device, which is worrying for anyone who has Amazon's popular TV technology.
Read more: 'Hidden' Amazon page that shows shoppers incredible deals
The Express Reports that three bugs in total were identified within the Fire TV operating system, with Amazon becoming aware of the issues in late 2022. As a result, the online marketplace has rolled out an urgent patch, but it's vital that customers check their devices to make sure they are running on the newest version.
Luckily, it appears that the software release landed just in time to prevent any attacks taking place, with no standing evidence that the hacks have been used and their Fire Sticks. Bitdefender says it has been working closely with the Amazon Fire TV team through all stages of vulnerability disclosure with the firm praising Amazon for its speedy response.
To check your Fire TV is up to date follow these steps
To update your Fire TV Stick, navigate to Settings > My Fire TV > About and select Check for System Update. If there is an update available, you can install it right away. Your system will restart once it is done downloading.
Vulnerabilities at a glance
• Unauthorized authentication through local network PIN brute forcing. This vulnerability was caused by improper implementation of the Password Authenticated Key Exchange by Juggling (or J-PAKE) protocol that could have resulted in attackers gaining control of the device. (CVE-2023-1385)
• A vulnerability in the setMediaSource function on the amzn.thin.pl service allowed for arbitrary Javascript code to be executed. It could be used to load arbitrary HTTP URLs in the webview. (CVE-2023-1384)
• A vulnerability in the exchangeDeviceServices function on the amzn.dmgr service allowed an attacker to register services that are only locally accessible. (CVE-2023-1383)
Don't forget, if your Fire TV hasn't been upgraded the vulnerabilities will still be open for attackers to advantage of - so make sure you check your device as soon as possible.
Read next:
- Asda is giving shoppers £5 to spend in store for free this month - here's how you claim it
Tesco and Iceland recall popular Birds Eye frozen food product over 'incorrect' food in packs
Aldi limits shoppers to six bottles as Prime drinks return for £1.99
Asda starts delivering groceries to people's homes in self-driving cars