• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Windows Bluetooth Stack Remote Code Execution Vulnerability

Microsoft Windows is prone to a remote code-execution vulnerability because its implementation of the Bluetooth stack fails to adequately handle a flood of specially crafted SDP (Service Discovery Protocol) requests.

To exploit this issue, an attacker must be within close physical proximity of the affected computer.

Attackers can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers.

This issue affects only computers with Bluetooth capability.