Apple pushed firmware version 1B211 to Beats Studio Buds on Thursday, addressing a serious vulnerability that could let attackers eavesdrop through microphones. The update specifically targets an issue where unpaired devices actively seeking connections remain exposed to Bluetooth-range attacks.

According to Apple's support documentation, the flaw (CVE-2025-20701) stems from open source code used in the firmware, with Apple software among the affected projects. Unlike three concurrent AirPods firmware releases that only mention generic bug fixes, this Beats update explicitly acknowledges security concerns requiring immediate attention.

Users cannot manually trigger the update. Instead, Apple requires fully-charged Beats headphones connected via Bluetooth to an Apple device running the latest iOS, iPadOS, or macOS. After placing earbuds in the case or powering down the device, users must wait at least 30 minutes for the firmware to install automatically.

The security patch arrives amid growing scrutiny of wireless earbuds and their attack surfaces. While the AirPods updates released alongside this fix remain vague about improvements, Apple's transparency about the Beats vulnerability signals recognition of the privacy risks inherent in always-listening Bluetooth accessories.