Microsoft Fixes 22 Security Holes, Including 'Sexy' Bluetooth Bug
Microsoft today (July 12) issued four patches for 22 security vulnerabilities in its popular software, including Windows and Office.
Three of the patches for Microsoft Windows are labeled "important" and one "critical." The latter means an attacker could remotely execute malicious code or gain unauthorized levels of control over infected Windows systems.
Programs covered by the "important" patches include Microsoft Office and Microsoft Visio 2003 Service Pack 3, Microsoft wrote on its TechNet blog.
The sole "critical" patch included in this month's update fixes a serious hole in the way Vista and Windows 7 handle Bluetooth communications. (Windows XP is not affected.)
"This one's sexy," Marcus Carey, a security researcher with Boston's Rapid7, told CSO Online. "It's classical spy kind of stuff, being able to access [a PC] using Bluetooth when [the victim] doesn't even know you're there."