Microsoft released four (4) bulletins, one rated Critical and three rated Important. The bulletins address issues in Microsoft Windows and Office. Twenty-two (22) vulnerabilities are be closed with those bulletins.
Although an an Exploitability Index rating of 2, Microsoft identified MS11-053 as the highest deployment priority for the July updates:
MS11-053 (Bluetooth Stack). This security bulletin resolves one privately reported vulnerability in the Windows Bluetooth Stack. This bulletin is rated Critical for Windows Vista and Windows 7 platforms. All prior versions of Windows are unaffected.As indicated in the below-linked Security Research and Defense blog post, if you are not yet prepared to install the MS11-053 security update, you can close off the attack surface by preventing any Bluetooth device from connecting to your computer.
In reviewing the Executive Summaries from the Security Bulletin Summary, note that updates are included that will require a restart. Regardless of the recommendation, it is always best to restart your computer after applying updates.
Support
The following additional information is provided in the Security Bulletin:- The affected software listed have been tested to determine which versions are affected. Other versions are past their support life cycle. To determine the support life cycle for your software version, visit Microsoft Support Lifecycle.
- Customers in the U.S. and Canada can receive technical support from Security Support or 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates. For more information about available support options, see Microsoft Help and Support.
- International customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit International Help and Support.
References
- MSRC: A guide to exploit mitigations and the July 2011 security bulletin release
- SRD: MS11-053: Vulnerability in the Bluetooth stack could allow remote code execution
- TechNet: Microsoft Security Bulletin Summary for July 2011
No comments:
Post a Comment