Microsoft's June Patch Tuesday release included a critical fix affecting all Windows Vista and XP systems, which could allow attackers to wirelessly steal confidential information from laptops by exploiting a flaw in the Bluetooth stack.
The Bluetooth stack flaw, detailed in Microsoft bulletin CVE-2008-1453 and rated 'critical', could allow an attacker to take complete control of an affected system, install programs, alter data or create new accounts with full user rights.
The MS08-030 patch modifies the way the Bluetooth stack handles a large number of service description requests.
Microsoft recommends applying the patch immediately and security experts advise users to turn off Bluetooth features until the patch has been applied.
Matthew Aburn, director of security consultancy Halcyon, said the flaw was particularly dangerous because hardware manufacturers usually set the factory default for Bluetooth as 'active'.
"Hardware-wise, most ship with Bluetooth on by default. I'd definitely recommend that if you're not using Bluetooth, you should turn it off," Aburn told ZDNet.com.au.
Rob Pregnall, Symantec's senior manager of Technical Product Management for Endpoint Security in Asia Pacific and Japan, agreed. He said hardware manufacturers should do this to make those features easier to access.
"When I look at a freshly bought machine from a reputable manufacturer, the first thing I notice is that every bell and whistle is turned on. I see it across different hardware manufacturers, including Macs," he said.
"All the different communication technologies are generally activated, so I think it's a move by manufacturers to ensure that everything is turned on so that minimal effort is needed to use the capabilities that users were sold on," Pregnall said.
In a blog, Microsoft admits that although in most cases an attacker would need to be in close range to exploit the vulnerability, there are ways to increase that distance.
"The standard range of Bluetooth is in the order of metres, although an attacker could use specialised antennas to increase this," the blog said.
This was backed up by Halcyon's Aburn.
"People look at the standard specifications for Bluetooth range of connectivity, which says you need to be so many metres away but using a directional antenna, people can target you from much further away," he said.
This month's Patch Tuesday includes fixes for a drive-by download weakness in Internet Explorer, as well as flaws in affecting Microsoft's multimedia.
The critical vulnerability affecting Internet Explorer described in CVE-2008-1442 and CVE-2008-1544 only affects Windows XP and Vista systems. The MS08-031 cumulative patch fixes a couple of vulnerabilities, including one that could allow remote code execution if a user viewed a specially crafted web page using Internet Explorer and another which could allow information disclosure if a similarly configured page was viewed using the browser.
The DirectX flaws affects all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. This update addresses the vulnerability detailed in CVE-2008-0011 and CVE-2008-1444. Microsoft says the vulnerability "could allow remote code execution if a user opens a specially crafted media file. An attacker who successfully exploited either of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."
-
No comments:
Post a Comment