Tuesday, October 17, 2006

Patches Available for Bluetooth Flaw

Brian Krebs writes on Security Fix:

Security flaws present in the software components that power wireless communications over Bluetooth on a number of popular laptop models could let attackers compromise vulnerable machines.

Bluetooth is a communications technology that allows electronic devices to exchange information wirelessly over short distances (the theoretical range is between 10 to 100 meters, depending on the class of the devices used). The problem stems from Bluetooth device drivers made by Toshiba Corp., drivers that are present not only in many Toshiba notebooks but also in a number of machines made by Dell Computer.

According to an advisory from Atlanta-based SecureWorks, an attacker would not need to have login credentials on the target computer to execute the attack. While an attacker would need to know the Bluetooth address assigned to the victim's device, this wouldn't be an issue for machines configured to allow other Bluetooth devices to discover it (one of several free Bluetooth scanning tools could be used to discover the address).

More here.


Post a Comment

<< Home