Windows Bluetooth Vulnerability Patched

   On Tuesday (Jul 12 2011) Microsoft's July Patch Tuesday {Chapter 4 Security+ 3ed} addressed 22 Windows and Office vulnerabilities.  One of these was a Bluetooth vulerability in Windows 7 and Vista devices (Windows XP is not affected because it uses an older Bluetooth implementation).  Bluetooth {Chapter 4 Security+ 3ed}, although originally designed as a way to replace wires with radio-based technology, has become very popular for connecting wireless keyboards and mice to computers, particularly laptops.  This latest vulnerability (based on a memory corruption) could allow an attacker to establish a Bluetooth connection with a computer and transmit malicious data, allowing the attacker to gain access to the system.  And this could occur before the user was notified that another computer requested a Bluetooth connection.  This means that an attacker in a coffee shop 30 feet (10 meters) away from your computer could launch an attack before you could react.

   To protect yourself install the Microsoft July patch.  Also, if your computer supports Bluetooth but you do not have any Bluetooth devices you should disable it.  Click Start, Control Panel, type "Bluetooth" in the Control Panel search box, and click Change Bluetooth settings.  Under Discovery uncheck "Allow Bluetooth devices to find this computer" and uncheck "Allow Bluetooth devices to connect to this computer".

   Stay secure!

http://www.cengage.com/community/infosec