MS11-053: Vulnerability in Bluetooth Stack could allow remote code execution: July 12, 2011

Microsoft has released security bulletin MS11-053. To view the complete security bulletin, visit one of the following Microsoft websites:

• Home users:
  http://www.microsoft.com/security/pc-security/bulletins/201107.aspx

  (http://www.microsoft.com/security/pc-security/bulletins/201107.aspx)
  Skip the details: Download the updates for your home computer or laptop from the Microsoft Update Web site now:
  http://update.microsoft.com/microsoftupdate/

  (http://update.microsoft.com/microsoftupdate/)
• IT professionals:
  http://www.microsoft.com/technet/security/bulletin/MS11-053.mspx

  (http://www.microsoft.com/technet/security/bulletin/MS11-053.mspx)

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

Known issues and additional information about this security update

The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed below each article link.

• 2532531

  (http://support.microsoft.com/kb/2532531/ )

  MS11-053: Description of the update for Bluetooth Stack for Windows 7 and Windows Vista Service Pack 2: July 12, 2011
  Known issues in security update 2532531:
  • If you are running Windows 7, we recommend that you install update 2552343 before you install this security update. Your system is automatically offered update 2552343 when you use Microsoft Update.
  • After you install this security update, you may be prompted to install this security update again when you scan the system by using Windows Update, Microsoft Update, Microsoft Windows Server Update Services (WSUS) server or Microsoft Baseline Security Analyzer (MBSA). This issue may occur if you installed this security update, but you have not installed update 2552343. To resolve this issue, approve the installation of update 2552343 in WSUS or install update 2552343
    (http://support.microsoft.com/kb/2552343)
    from Windows Update, Microsoft Update or from the Microsoft Download center, or re-install the security update a second time. You should not see any subsequent re-offer.
    
    For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:
    2552343

    (http://support.microsoft.com/kb/2552343/ )

    Time-out error occurs when you install a Windows Update package that contains drivers on a computer that is running Windows 7 or Windows Server 2008 R2
  • Affected Windows Vista SP1 systems that are upgraded to Windows Vista SP2
    
    Consider the following scenario. You are running a system that was upgraded from Windows Vista Service Pack 1 to Windows Vista Service Pack 2. Regardless if the system has update 942567 installed, the system will have support for Bluetooth 2.1 technology and is affected by this vulnerability. Therefore, you must install this security update.
    
    
    
    For more information about update 942567, click the following article number to view the article in the Microsoft Knowledge Base:
    942567

    (http://support.microsoft.com/kb/942567/ )

    Description of the Windows Vista Feature Pack for Wireless
  • Windows Vista and Windows 7 systems without Bluetooth technology
    
    Windows Vista and Windows 7 support a wide range of Bluetooth radios. Windows Vista and Windows 7 will install the Bluetooth driver when a removable Bluetooth device is added to the system. In order to protect customers in this situation, all Windows Vista SP2 and Windows 7 systems are considered to be affected by this vulnerability, even if the system does not currently have a Bluetooth device installed.
    
    For more information, visit the following MSDN webpage:
    Bluetooth Wireless Technology FAQ - 2010

    (http://msdn.microsoft.com/en-us/windows/hardware/gg487349.aspx)
• 2561109

  (http://support.microsoft.com/kb/2561109/ )

  MS11-053: Description of the update for Bluetooth Stack for Windows Vista Service Pack 1: July 12, 2011
  Known issues in security update 2561109:
  • Affected Windows Vista SP1 systems
    
    If you are running Windows Vista Service Pack 1 and you have installed update 942567, your system will have support for Bluetooth 2.1 technology and is affected by this vulnerability. Therefore, you must install this security update.
    
    If you are running Windows Vista Service Pack 1 and you have not installed update 942567, your system will not have support for Bluetooth 2.1 technology and is not affected by this vulnerability.
    
    For more information about update 942567, click the following article number to view the article in the Microsoft Knowledge Base:
    942567

    (http://support.microsoft.com/kb/942567/ )

    Description of the Windows Vista Feature Pack for Wireless