If your smart light bulbs blink twice, they may be trying to tell you they’re under duress.
A vulnerability reported Wednesday by security firm Check Point could allow that to happen—along with hacks of other smart-home gadgets that employ the same widely used underlying Zigbee wireless protocol.
That’s “could” instead of “will” because Signify, the company behind the Philips-branded line of Hue smart bulbs, already patched that flaw in the firmware of the bridge base stations required by many of those connected lights. And since the Hue mobile apps come preset to install updates automatically, that patch should already be on every Hue bridge.
Does that make this a feel-good security story? No. The vulnerability documented by Tel Aviv-based Check Point Software Technologies relies on a common attack technique, and too many internet-of-things gadgets don’t come with automatic software updates. Check Point isn’t singling out any other devices as being vulnerable,…