Microsoft has patched a critical vulnerability in Windows 7 and Windows Vista related to the Bluetooth stack in the operating system. The bug is the lone critical vulnerability fixed in today’s Patch Tuesday release, and Microsoft officials said it’s unlikely that it can be used for remote code execution.
The patch for MS11-053 fixes a vulnerability in the way that the Bluetooth stack operates on Windows machines. Despite the low likelihood of it being exploited, it’s the most serious of the 22 vulnerabilities Microsoft fixed on Tuesday.
“First, we assigned this vulnerability with an Exploitability Index rating of “2”. We believe it will be difficult to build a reliable exploit for code execution using this vulnerability. It’s more likely that attackers will discover a way to cause a system denial-of-service (“bugcheck” / “bluescreen”) using
this vulnerability,” Microsoft’s Jonathan Ness said in a blog post analyzing the bug.
“Secondly, your system’s 48-bit Bluetooth address is not “discoverable” by default. Notice in the Bluetooth Settings screenshot above that Bluetooth devices are not allowed by default to “find” this computer. If your system were “discoverable,” it would respond to attacker SDP queries with its Bluetooth address. But in the default state, an attacker must obtain your Bluetooth address another way – either via bruteforcing it or extracting it from Bluetooth traffic captured over-the-air.”
The full rundown on the July Patch Tuesday bulletins can be found at the Microsoft TechNet site.