Patch Tuesday Includes Wireless Vulnerability

June 11th, 2008 | Category: Technology News

On Tuesday, Microsoft released safety measure fixes for desktop users and network administrators alike. Seven safety measure bulletins address 10 vulnerabilities, three of them critical.

safety measure researchers say the critical patches that affect Windows desktop users should be given the highest priority.

There are plus three crucial patches, MS08-034, MS08-035 and MS08-036, that affect Windows servers, as well as a moderate patch. Managers of Windows servers should install these patches. MS08-032 is the moderate patch and addresses the “kill bit” for Windows. The patch disables cipher with a known safety measure bug.

Betting on Bluetooth

“The vulnerability in the Bluetooth stack is particularly noteworthy considering it allows an attacker in range of a Bluetooth-enabled device running Windows XP or Vista to take control of that device,” said Ben Greenbaum, senior research manager for Symantec safety measure Response. “User interaction is not needed. All that is mandatory is for the device to have Bluetooth on and to be within range of

the attacker.”

Tyler Reguly, a safety measure engineer with nCircle, a network safety measure firm that works with companies like ESPN and Safeway and government agencies like the FCC, said he finds the Bluetooth patch interesting considering it’s a vulnerability in a popular wireless protocol.

“It is remote cipher execution in both XP and Vista. humans traveling with laptops are probably the most likely to have Bluetooth enabled,” Reguly said. “It’s fundamental to keep in mind the limited range of Bluetooth, which is what, in my opinion, somewhat limits the severity of the vulnerability.”

The IE Trend

According to Amol Sarwate, manager of the vulnerability research lab at Qualys, the most serious of that month’s patches is the vulnerability in World Wide Web Explorer, MS08-031, which is a zero-day threat.

“Victims would only need to visit a compromised site in order to be affected by the remote cipher for viruses, worms and other…

Orginal post by Mike

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Netvouz
  • DZone
  • ThisNext
  • MisterWong
  • Wists

Related Articles
  • Microsoft Releases Emergency safety measure Patch
  • Firefox 3 Vulnerability Rains on Mozilla Download Parade
  • June Patch Tuesday Addresses Bluetooth, Kill Bit
  • Problems Reported with DNS Vulnerability Patch
  • Patch Tuesday Light, But protection Fixes Are Critical

    • No comments yet. Be the first.

    Leave a reply