Microsoft issues four patches for 22 flaws

Share this article:

Microsoft on Tuesday doled out four patches to resolve 22 product vulnerabilities, including a unique flaw in the Bluetooth stack that could enable an attacker to take over a victim's computer.

The flaw, which impacts Windows Vista and 7 machines, is present in the Windows Bluetooth 2.1 stack. Successful attackers can piggyback on the bug to send "specially crafted Bluetooth packets" at a target machine, enabling the adversary to take control of the computer to install malware.

Microsoft encourages users to apply the "critical" patch prior to installing the others included in Tuesday's update. If they are unable to, users can uncheck a setting on their computer that prevents Bluetooth devices from connecting, Microsoft engineer Jonathan Ness explained in a blog post.

Despite the critical rating, Ness said attackers will have difficulty creating reliable exploit code. Security experts, however, said they consider the vulnerability worrisome considering the sheer number of people who work remotely and have Bluetooth enabled.

"The problem with Bluetooth is that often people have their Bluetooth devices activated and are totally unaware that they are transmitting," said Marcus Carey, a security researcher at vulnerability management firm Rapid7.  "For companies that require remote workers to connect via VPN or directly to their office for updates, it is essential that all Bluetooth users are made aware of the risks and limit their Bluetooth usage until they can be patched."

The three other bulletins released Tuesday by Microsoft are rated "important."

MS11-055 corrects a flaw in the way Visio 2003, part of Office, handles the loading of DLL files. Microsoft has been closing off similar vulnerabilities since last summer, when it issued an advisory after research revealed that a new class of vulnerabilities known as DLL (dynamic-link Library) preloading can be exploited remotely by an attacker who places a malicious library on a network share.

MS11-054, meanwhile, addresses 15 holes in the Windows Kernel-Mode drivers, and MS11-056 seals shut five bugs in the Windows Client/Server Run-Time Subsystem. Attackers can leverage these flaws to escalate their privileges on already compromised systems.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.