Microsoft Issues Critical Patch for Windows 7, Vista Users

Windows 7 was touted as the most secure Windows OS till date by Microsoft. However, Microsoft had to face heavy criticism from users of Windows 7 as it was considered to be plagued with different security issues.  The main security issue was related to Bluetooth bug which would allow a hacker/attacker to take control of system by sending wireless packets that contained malicious code through Bluetooth.

In response to the Bluetooth security issue in Windows 7, Microsoft said that there was a critical flaw in Windows 7 Bluetooth stack, the driver which enables the system to connect to Bluetooth devices.  The security bug would allow an attacker to gain access to the system that has Bluetooth functionality.  Microsoft further added that only system that had Bluetooth capabilities were vulnerable to any attack due to this security bug. Squashing the criticism, Jerry Brant, group manager for security response at Microsoft added that the target system having Bluetooth capability has to be in discovering mode which is not the default Bluetooth mode in Windows. Other security issues were related to kernel mode drivers and Microsoft Visio. The kernel mode drivers in Windows 7 also made system more vulnerable to an attack. The flaw was related to the improper allocation of memory when data was copied from user mode.   Other flaw related to kernel mode driver is in the way the kernel mode driver objects are managed. All these flaws would allow the attacker to execute arbitrary code in kernel mode. The vulnerability in Microsoft Visio is related to the way the binary libraries are loaded. The bug related to Microsoft Visio would allow attacker to execute remote code, if the user open a Microsoft Visio file that is located in same network directory.

Microsoft releases security patches every second Tuesday of the month to fix the security issues related to Windows OS and other windows programs. The security patch is known as Patch Tuesday. The Patch Tuesday released in month of July is mainly intended to fix the Bluetooth security issue in Windows 7. The Patch Tuesday contains a patch to fix the critical hole that is related to Bluetooth issue in Windows 7 and Windows Vista. The critical patch also contains three different patches intended to plug all holes that affect Visio 2003 and all supported version of Windows. The security patch is also intended to fix 15 vulnerabilities in Windows Kernel mode driver and a vulnerability that is related to Microsoft Visio. The latest Patch Tuesday will also fix five bugs related to Microsoft Windows Client. Security Experts and industry were eagerly waiting for this critical patch as the users are increasingly using host of Bluetooth devices on their system such as Bluetooth headsets, printers, mouse and keyboards which increased systems’ vulnerability in absence of this patch.

Leave a Reply

Your email address will not be published. Required fields are marked *