|
Microsoft patches Bluetooth bug in Vista, Windows 7 Microsoft initiated the repair for its bugs in Vista and Windows 7. On July 12, 2011, it has patched 22 vulnerabilities that were confronted in Windows and Office. This patching included the most common Bluetooth bug of Vista and Windows 7 that was capable of hijacking any PC near to it. The four updates performed on Tuesday, were termed as “bulletins”. One out of the four, MS11-053, was labeled as “critical” referring to very dangerous, while the other three were labeled “important”, which meant dangerous at the next lower level. Based on its vulnerability, the MS11-053 was prioritized among the others, as informed by Amol Sarwate, manager of Qualys’ vulnerability research lab. He added “It could be exploited against someone using a Bluetooth mouse or headset, perhaps in a coffee shop, so it’s tremendously important that people apply the patch, or if they can’t do that, disable Bluetooth [on Vista and Windows 7].” In another comment, he added “I can see this being used in really, really targeted attacks. If someone knows you are a CEO, and may even be following you, they could exploit this to try to gain access to your system.” Another adjective given to this bug was by Marcus Carey, a security researcher with Rapid7. He said “This one’s sexy.” And added “It’s classical spy kind of stuff, being able to access [a PC] using Bluetooth when [the victim] doesn’t even know you’re there. All [an attacker] would have to do is go to Washington, D.C. or northern Virginia, where lots of U.S. government employees work, and sit at a Starbucks or somewhere else with free Wi-Fi.” After fixing the bug, the Microsoft personnel confirm the success of their updates and assure that the hackers cannot come up with an exploit for the update, at least till next month. According to Jonathan Ness, an engineer in Microsoft Security Response Center, the 48 bit Bluetooth address cannot be discovered anymore, by default. He said “In the default state, an attacker must obtain your Bluetooth address another way — either via brute forcing it or extracting it from Bluetooth traffic captured over-the-air.” “The former could take attacker hours, while the latter requires specialized hardware that costs thousands.” He added in his blog post. In another discussion, Jason Miller, manager of research and development working with VMware’s Shavlik Technologies pointed his views on this issue. He said “You could be looking at some pretty targeted attacks.” While Carey disagreed with Ness’s view about the update, he stated, “This would be complicated to pull off, but I wouldn’t say it’s expensive”. Though, all these four researchers had conflicts over their ideas about the success or failure of the MS11-053 update, they agreed at one point that users should patch MS11-055 as soon as possible. |
|