 |
|
||||
|
Microsoft Patch Tuesday: June 2008By Pedro HernandezJune 10, 2008
Microsoft released patches for several vulnerabilities today including one that might give pause to gadget lovers that enjoy pairing their PCs to wireless peripherals. A vulnerability in the Bluetooth stack in both Windows XP and Vista can be potentially used to gain complete access to a system, provided that the Bluetooth radio is active, of course. Microsoft Security Bulletin MS08-030 spells it out: A remote code execution vulnerability exists in the Bluetooth stack in Microsoft Windows because the Bluetooth stack does not correctly handle a large number of service description requests. The vulnerability could allow an attacker to run code with elevated privileges. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete date; or create new accounts with full user rights. Although initially alarming given the ubiquity of Windows and Bluetooth, one factor, namely distance, is the biggest barrier to a successful attack, according to security engineer Tyler Reguly of nCircle. In an email to Enterprise IT Planet he states, "I find this interesting simply because we're seeing a vulnerability in a wireless protocol that is quite popular. It is remote code execution in both XP and Vista. People traveling with laptops are probably the most likely to have Bluetooth enabled. It's important to keep in mind the limited range of Bluetooth, which is what, in my opinion, somewhat limits the severity of the vulnerability." Other critical patches this month include a roll-up of fixes for Internet Explorer (MS08-031) and one for the Windows graphic and sound component, DirectX (MS08-033). In IE's case, Microsoft put to bed two flaws, HTML Objects Memory Corruption and Request Header Cross-Domain Information Disclosure, that affect versions 5, 6 and 7 of the browser in varying degrees of severity. Under the "important" heading are patches for Windows Internet Name Service (MS08-034), the Pragmatic General Multicast (PGM) protocol under Windows XP and Server 2003 (MS08-036) and an Active Directory denial-of-service (DoS) bug (MS08-035). The latter is sure to grab the attention of corporate IT staffers. Reguly explains, "This is probably the most interesting to enterprise environments as they will most likely have AD deployments. It actually replaces a previous AD DoS from earlier this year and affects everything that could be running AD, all the way up to Server 2008. While this doesn't affect most systems in a enterprise environment, it does affect any/all domain controllers that exist and these are considered critical infrastructure." This month's lone "moderate" patch addresses a flaw in the Microsoft Speech API (MS08-032) that makes stumbling across the wrong webpage in IE a dangerous proposition if speech recognition is enabled. Finally, the Malicious Software Removal Tool gets a hardy update this month in the form of detection for the following trojan-heavy list of malware: Ceekat, Corripio, Frethog, Lolyda, Storark, Taterf, Tilcun, and Zuten.
|
|
|
|
Email
Print
Digg This
Add to del.icio.us
