The Hacker News Logo
Subscribe to Newsletter

Microsoft Vulnerability in Bluetooth Stack Could Allow Remote Code Execution

Microsoft Vulnerability in Bluetooth Stack Could Allow Remote Code Execution

The single Critical vulnerability in today’s batch of security updates addresses an issue in the Bluetooth stack. Your workstations’ risk to this vulnerability varies, depending on a number of factors. I’d like to use this blog post to outline those risk factors.


This security update resolves a privately reported vulnerability in the Windows Bluetooth Stack. The vulnerability could allow remote code execution if an attacker sent a series of specially crafted Bluetooth packets to an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability only affects systems with Bluetooth capability.
This security update is rated Critical for all supported editions of Windows Vista and Windows 7. For more information, see the subsection, Affected and Non-Affected Software, in this section.

The security update addresses the vulnerability by modifying the way that the Windows Bluetooth Stack handles objects in memory. For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.

Affected Software/Operating System : 
Windows Vista Service Pack 1 , Windows Vista Service Pack 2 , Windows Vista x64 Edition Service Pack 1 , Windows Vista x64 Edition Service Pack 2 , Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1 , Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1

Read More at http://www.microsoft.com
Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.