IT administrators everywhere are making collective sighs of relief as July’s Patch Tuesday features only four security bulletins. The bulletins resolve 22 reported software vulnerabilities found in Microsoft Windows and in Windows Bluetooth, among others, one of which has been tagged “critical” while the rest have been tagged “important.”
The critical bulletin fixes a privately reported vulnerability in the Windows Bluetooth Stack, which can allow an attacker to remotely execute code sent as specifically crafted Bluetooth packets to a system. Note, however, that this vulnerability only affects systems with Bluetooth capability and those that came installed with Windows 7 and Vista.
Two of the bulletins tagged “important” resolve software bugs in Microsoft Windows and in the Microsoft Windows Client/Server Runtime Subsystem (CSRSS) that may result in elevated user privilege for a remote user. The remaining bulletin resolves a publicly reported vulnerability in Microsoft Visio that can allow a remote user to have the same access rights as the logged-on user.
Users are advised to immediately download and apply these patches. For more information regarding this month’s Patch Tuesday release, visit the Trend Micro security advisory page.