(LiveHacking.Com) — As expected, Microsoft has released 4 security bulletins to address 22 vulnerabilities in Windows and Office. One of the bulletins is rated Critical, and the other three as Important. Microsoft has marked one bulletin, MS11-053, as a high deployment priority:
- MS11-053 (Bluetooth Stack). This security bulletin resolves one privately reported vulnerability in the Windows Bluetooth Stack. This bulletin is rated Critical for Windows Vista and Windows 7 platforms. All prior versions of Windows are unaffected.
Microsoft is encouraging all customers to apply MS11-053 first, before deploying the rest of the July updates. If you have Automatic Update enabled on your computer, you will not need to take any action; the tool ensures that the updates are applied and the system is protected.
According to the executive summary, the vulnerability resolved in MS11-053 could allow remote code execution if an attacker sent a series of specially crafted Bluetooth packets to an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Naturally it only affects systems with Bluetooth capability.
On the Microsoft Office front, Redmond fixed a problem with Visio. The vulnerability could allow remote code execution if a user opens a legitimate Visio file that is located in the same network directory as a specially crafted library file. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.