Microsoft Addresses Critical Bluetooth Stack Security Flaw
Microsoft recently mitigated a security flaw related to Bluetooth stack. The mitigated flaw was one among the 22 vulnerabilities fixed by the software giant in the recent Patch Tuesday. Microsoft has rated the Bluetooth stack vulnerability, which affects Windows Vista and Windows 7 as critical. All other versions of Windows operating system remain unaffected by the vulnerability. The flaw could cause remote code execution. The company has urged users to give top priority to the security update issued for addressing the vulnerability. Microsoft has given an exploitability index rating of 2 to this security flaw, as the security researchers of the company opine that it is difficult to build a reliable exploit to execute code through this flaw. However, in case users who have paired a Bluetooth peripheral, an attacker may track and extract the Bluetooth address by intercepting the transmitted traffic through some devices available in the market. The security flaw is not exploitable through the web and attacker needs to be nearby the potential victim to achieve success through brute-forcing. Again, Bluetooth addresses are not identifiable by default, which makes the job of the attacker that much complicated.
Computer users may also avoid exploitation of the critical vulnerability by disallowing Bluetooth devices from connecting to the computer by unchecking the options under the Connections setting in Bluetooth settings window. Fraudsters may attempt to leverage the Increasing use of Smartphones and other wireless devices in enterprises to exploit vulnerabilities. Organizations must educate employees on different precautions to be adhered while using mobile phones, and connecting their portable devices to hotspots. Employees may benefit from online IT degree programs and e-tutorials to enhance their awareness on computer and wireless security.
Hiring professionals qualified in security certifications and IT degree programs may help organizations in understanding various computer, wireless and network security related threats. Awareness of the security threats in the business environment allows formulation of appropriate security policies and practices.
Internet users may benefit from online IT courses and improve their awareness on computer and IT security fundamentals, different online threats and inculcate best practices to safeguard their computer systems and wireless devices from infiltration, unauthorized remote access and malicious attacks.
Contact Press
EC-Council
Website: http://www.eccuni.us
Email: iclass@eccouncil.org
Tel: 505-341-3228
EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.
EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.
EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.
Processing your request, Please wait....
