Virus' and Malware 

There is no known possibility of a virus getting in via micro:bit, for reasons listed here:

  • While the micro:bit advertises itself as a USB mass storage device (like a memory stick) it is infact a virtual device that is used only to copy programs or firmware updates onto the micro:bit.
  • The only two file types that are recognised by the micro:bit virtual drive are .hex (for programs) and .bin (firmware updates) - all other file types are ignored. The .TXT and .HTM  files that appear on the virtual drive are read only, so can't be edited.
  • Each time you re-program the micro:bit, the prevous code is erased
  • The micro:bit has  an inbuilt recovery firmware image baked onto the USB interface chip that is not user changeable, so even if it is updated, you can always roll back to a working micro:bit.
The BBC micro:bit uses anwhich is not vulnerable to the Spectre or Meltdown attacks   

For more information ARM have released a statement about affected processors on 

Restricting device usage

It is also possible to restrict USB usage on computers with some knowledge of how the devices identify themselves

Confidential Data

It is of course possible to load a micro:bit with a program that displays any data you wish it to display. In schools and libraries that are worried about this, they just reload the micro:bits with a blank program at the end of the session. Alternatively you can reload the 'first experience' hex file.

The web based editors store user programs in the browser cache. It is possible to use group policy settings or similar device management utilities to clear the browser cache on browser exit or logout, so that there is no retained history between user sessions.