BMW fixes security flaws on its cars

BMW has patched a security flaw that left 2.2 million cars, including Rolls Royce and Mini models, open to hackers.

The flaw affected models fitted with BMW’s Connected-Drive software, which uses an on-board Sim card.

The software operated door locks, air conditioning and traffic updates but no driving firmware such as brakes or steering, BMW said.

No cars have actually been hacked, but the flaw was identified by German motorist association ADAC.

The researchers found that the cars would try to communicate via a spoofed phone network, leaving potential hackers able to control anything activated by the Sim.

The patch, which would be applied automatically, included making data from the car encrypted via HTTPS (Hyper Text Transfer Protocol Secure) the same security commonly used for online banking, BMW said.

If your car is within an area covered by a mobile phone network you should have received an update, if  its starter battery has been disconnected  then select  “Update Services” from your car’s menu.”.