Apple has released a security update for its Magic Keyboard that prevents an attacker from being able to exploit its Bluetooth connection.
The company announced the release of Magic Keyboard Firmware Update 2.0.6 in a support document published today.
--- Magic Keyboard Firmware Update 2.0.6
Bluetooth ● Available for: Magic Keyboard; Magic Keyboard (2021); Magic Keyboard with Numeric Keypad; Magic Keyboard with Touch ID; and Magic Keyboard with Touch ID and Numeric Keypad
● Impact: An attacker with physical access to the accessory may be able to extract its Bluetooth pairing key and monitor Bluetooth traffic
● Description: A session management issue was addressed with improved checks.
● CVE-2024-0230: Marc Newlin of SkySafe ---
There is no way to manually install the update. Firmware updates are automatically delivered in the background while the Magic Keyboard is actively paired to a device running macOS, iOS, iPadOS, or tvOS.
You can check the firmware version of your Magic Keyboard in Bluetooth settings on your Mac. Go to System Settings > Bluetooth, then click on the Info button next to your keyboard. After this firmware update is installed, the firmware version is 2.0.6.