Home page logo
/

basics logo Security Basics mailing list archives

Re: MS08-030 - Critical (if you do not run bluetooth?)
From: Chris <cweindel () gmail com>
Date: Thu, 2 Apr 2009 11:20:52 -0500

This is only a good point if you also have a technology in place that
can STOP someone from installing a bluetooth device (like USB endpoint
security, etc).

On another note, if there IS a risk, regardless of how small it
appears (to you), that can easily and quickly mitigate automatically,
why not fix the vulnerability?

C

On Mon, Mar 30, 2009 at 9:08 AM, Eggleston, Mark
<meggleston () healthpart com> wrote:
What are folks doing about this patch:

"MS08-030 - Critical
Vulnerability in Bluetooth Stack Could Allow Remote Code Execution
(951376)
* This vulnerability only affects systems with Bluetooth capability."

Given the classic risk formula (Risk = Threat x Vulnerability) it is
logical to determine that if your desktops do not have Bluetooth
functionality and user's cannot install such devices, the attack vector
is cut off, so the threat is mostly non-existent, thereby making the
risk negligible.

I am leaning towards patching as just part of good patch management
hygiene, but what would you do if you have no intention to deploy
Bluetooth on your devices?

Regards,

Mark

This message, together with any attachments, is intended only for
the use of the individual or entity to which it is addressed. It
may contain information that is confidential and prohibited from
disclosure. If you are not the intended recipient, you are hereby
notified that any dissemination or copying of this message or any
attachment is strictly prohibited. If you have received this
message in error, please notify the original sender immediately by
telephone or by return e-mail and delete this message along with
any attachments, from your computer.

------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

No time or budget for traveling to a training course in this fiscal year? Check out the online information security 
courses available at InfoSec Institute. More than a boring "talking head", train in our virtual labs for a total 
hands-on training experience. Get the certs you need: CEH, CPT, CEPT, CISA, CISSP, CISM

http://www.infosecinstitute.com/request_online_training.html
------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

No time or budget for traveling to a training course in this fiscal year? Check out the online information security 
courses available at InfoSec Institute. More than a boring "talking head", train in our virtual labs for a total 
hands-on training experience. Get the certs you need: CEH, CPT, CEPT, CISA, CISSP, CISM

http://www.infosecinstitute.com/request_online_training.html
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault