Microsoft has released this month’s patches, and if you have a Windows Vista or 7 computer with bluetooth, you should update now.
You’ll find the full list of this month’s Microsoft patches on their July Patch Day summary page. The summary describes three flaws that affect Windows and its components, and one flaw that affects Visio (included in some Office packages).
The Windows Bluetooth Stack code execution vulnerability poses, by far, the worst risk, which is why Microsoft rates it as Critical. By simply sending some specially crafted Bluetooth packets, an attacker could exploit this flaw to gain complete control of you computer.
Microsoft rates the remaining updates as Important. I’d definately apply the Bluetooth Stack patch first, at least on computers that have Bluetooth adapters. I’d probably install the Visio update next, as users often click on Office documents without thinking. Finally, shore up the remaining Windows updates. Whichever order you apply them, I’d recommend downloading, testing, and deploying this patches as soon as you can.
We’ll post more detailed alerts about these flaws, and how to fix them, shortly. —Corey Nachreiner, CISSP (@SecAdept)