Intel has decided to kill the Intel Remote Keyboard app for Android and iOS devices in order to protect user devices from three vulnerabilities – one of which was classified as “critical”. The chip maker has also issued a Product Discontinuation notice to recommend users to uninstall the app from their devices. The app was notably launched by the company in 2015 to let users wirelessly control their Intel NUC (next unit of computing) and Intel Compute Stick computers and transform their smartphones or tablets into a virtual keyboard and mouse.
As per the security advisory dated April 3, all versions of the Intel Remote Keyboard app have been spotted with three distinct vulnerabilities. Two of the vulnerabilities, listed as CVE-2018-3645 and CVE-2018-3638, have received a severity score of “high”, while the other one, titled CVE-2018-3645, has been listed as “critical”. The critical issue essentially allows a local attacker to inject keystrokes into another remote keyboard session. Importantly, three different security researchers discovered the flaws that ultimately convinced Intel to remove the Remote Keyboard app from Google Play and Apple App Store.
“Intel has issued a Product Discontinuation notice for Intel Remote Keyboard and recommends that users of the Intel Remote Keyboard uninstall it at their earliest convenience,” the company noted in the security advisory.
The Intel Remote Keyboard app had emerged as a vital app for Intel NUC and Compute Stick. The app offered keyboard and mouse access directly through a smartphone or tablet and included features such as PC key support, custom keyboard capabilities, Windows 10 gesture controls, and multi-language support.
According to a cached version of its Google Play listing, the Intel Remote Keyboard app had over 500,000 installations and an average rating of 3.8 out of 5.0. The app received its last update in last June. The cached version was initially spotted by folks at Bleeping Computer.