New security risk? - Bluetooth device paired with Windows even though onboard Bluetooth is disabled in BIOS

Hi!

I had a really weird experience with my desktop computer. Even though Bluetooth was disabled in BIOS, I started hearing audio playback from Momentum 4 wireless Bluetooth headphones after connecting them to Samsung S23. I could also control YouTube playback (start & stop) with the headphones.

Background info (Desktop)

Windows 11 Pro: Latest updates installed
Asus Z790 Creator: Onboard Bluetooth disabled in BIOS (BIOS version 0816)
Asus Z790 Creator: Onboard WiFi disabled in BIOS (I don’t have other WiFi devices, either)
Connected devices: Logitech Bolt (Mouse & Keyboard), RME Audio Interface, Kingston SD Reader
Monitor: LG 40WP95C-W, connected via Mini DisplayPort - USB-C cable from RTX 4070 Ti

Background info (S23)

Latest firmware installed
Latest updates installed

What happened?

  1. Paired Momentum 4 headphones with Samsung S23

  2. Installed Sennheiser Smart control app on Samsung S23

  3. Updated Momentum 4 firmware

  4. Went to my desktop and wondered why I cannot hear the sound

  5. Realized that audio playback is coming from Momentum 4 headphones

I don’t know at which point Windows connected to Momentum 4 headphones

Findings

Asus Z790: Onboard Bluetooth still disabled
Asus Z790: Onboard WiFi still disabled
Windows 11: Bluetooth on-off switch not shown
Windows 11: Momentum 4 shown under “Bluetooth & Devices > Devices > Audio”
Windows 11: “System > Sound > Volume Mixer” Momentum 4 shown as Output device and Input device
Smart Control App (S23): “Momentum 4 > Connection Management” Only Galaxy S23 shown, Desktop not shown.

Thus, Sennheiser Smart Control App doesn’t know that Momentum 4 is connected to Windows 11.

Replication

  1. Removed Momentum 4 from Windows 11 “Bluetooth & Devices > Devices > Audio”
  2. Could not replicate steps 1-3

Notes

I should have removed the Logitech Bolt receiver while the audio was playing from the headphones just to see what happens. However, it was too late when I realized this. I also should have tested what happens if I put other Bluetooth devices in pairing mode.

Turning Bluetooth on

  1. ASUS Z790: Enabled onboard Bluetooth
  2. Restarted
  3. Connected Momentum 4 to Desktop

Findings

Windows 11: Momentum 4 shown under “Bluetooth & Devices > Devices > Audio”
Windows 11: Bluetooth on-off switch is shown
Windows 11: “System > Sound > Volume Mixer” Momentum 4 shown as Output device and Input device
Smart Control App (S23): “Momentum 4 > Connection Management” Both Galaxy S23 and Desktop are shown
Windows 11: Audio playback from Momentum 4 headphones works fine

Possible diagnosis

The following devices don’t have a Bluetooth connection: RME Audio Interface, Kingston SD Reader, LG 40WP95C-W1

Thus, there are pretty much only two explanations that I can think of, and all of them seem very unlikely.
a) The Bluetooth connection has been formed with Logitech Bolt receiver
b) The onboard Bluetooth device could be on even though it’s disabled in BIOS

There are no other Bluetooth receivers connected to my desktop.
Samsung S23 and the desktop should not be connected in any other way, either.

a) Bolt receiver should not work with other Bluetooth peripherals. “Likewise, both Unifying and Bolt are proprietary technologies from Logitech. Therefore, they’re not compatible with wireless peripherals from other brands.” (makeuseof)
b) I’ve never heard that devices that are disabled in BIOS could work.

Security Risk

If peripherals are able to connect to Windows 11 even though Bluetooth is off, this sounds like a security risk.

BIOS Update

I updated Z790 BIOS from version 8016 to 0904. I’ll be reinstalling Windows 11 in a few days. I will check if I’m able to replicate this issue.

Questions

  1. Do you have any idea how Momentum 4 was able to connect to Windows 11? Is there something obvious that I’m just missing?

  2. If I don’t want my desktop to connect to Bluetooth devices automatically, which one of these is a safer option?

a) Enable onboard Bluetooth device and disable Bluetooth from Windows.
b) Disable onboard Bluetooth and hope that this kind of situation doesn’t happen again.

Thank you!
TK

1 Like

Just another, “You didn’t really mean to turn that off, here, let’s get that working again in the background. Don’t worry, we won’t tell you it’s on. Let us worry about that.” Microsoft moment.

If it’s turned off, they can’t make money slurping the rich creamy data going through that connection, so they turn it back on and cha-ching! BIOS SCHMIOS.

You thought that because you paid for it, it’s your computer?

5 Likes

Here’s the best explanation I’ve got:

“I think that what is happening is that when you disable it in BIOS, the firmware is like “okay, we won’t tell Windows about this device”, so when Windows boots and it asks the chipset “hey, what devices do you have?” it gives the whole list and leaves out the BT adapter. But it doesn’t actually disable anything by, like, cutting power to it. And there is some watchdog in the firmware that basically watches for any incoming connections and when it sees one it doesn’t even stop to check if the adapter is enabled or disabled, it just straight up forwards the handshake to the OS. Windows, being the helpful friendly neighborhood OS it is, says “Oh cool, a handshake? I know what to do with those” and just establishes the connection and, it being a new audio device, starts using it.”
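A way to check from the Windows side whether any Bluetooth radio is actually enumerated, and which pairings Windows still remembers. This is an added example, not something posted by anyone in the thread. It assumes a Windows 11 desktop, and the bus-prefix match used to tell radios from paired devices is a heuristic.

```powershell
# Added example (not from the thread). Run in PowerShell on the affected desktop.

# Bluetooth-class device nodes that are present right now.
$present = @(Get-PnpDevice -Class Bluetooth -PresentOnly -ErrorAction SilentlyContinue)

# Every Bluetooth-class node Windows has recorded, present or not
# (remembered pairings, adapters that have since been removed or disabled).
$all = @(Get-PnpDevice -Class Bluetooth -ErrorAction SilentlyContinue)

# Heuristic (assumption): on a desktop the radio itself sits on USB or PCI,
# while paired remote devices hang off the BTHENUM / BTHLE enumerators.
$radios = @($present | Where-Object { $_.InstanceId -match '^(USB|PCI)\\' })
$paired = @($all     | Where-Object { $_.InstanceId -match '^BTH(ENUM|LE)\\' })

Write-Host "Present Bluetooth radios: $($radios.Count)"
$radios | Format-Table Status, FriendlyName, InstanceId -AutoSize | Out-Host

Write-Host "Recorded paired devices: $($paired.Count)"
$paired | Format-Table Status, FriendlyName, InstanceId -AutoSize | Out-Host

# State of the Bluetooth Support Service (service name: bthserv).
Get-Service -Name bthserv |
    Format-Table Name, Status, StartType -AutoSize | Out-Host

if ($radios.Count -gt 0) {
    Write-Warning ('A Bluetooth radio is enumerated. Compare its InstanceId ' +
                   '(bus and VID/PID) with the adapter you expect to be disabled.')
}
```

The `InstanceId` of any radio that shows up names the bus and hardware ID it is attached through, which is what separates the two explanations listed in the first post.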
