Security Basics mailing list archives
Re: MS08-030 - Critical (if you do not run bluetooth?)
From: Chris <cweindel () gmail com>
Date: Thu, 2 Apr 2009 11:20:52 -0500
This is only a good point if you also have a technology in place that can STOP someone from installing a bluetooth device (like USB endpoint security, etc).

On another note, if there IS a risk, regardless of how small it appears (to you), that can easily and quickly mitigate automatically, why not fix the vulnerability?

C

On Mon, Mar 30, 2009 at 9:08 AM, Eggleston, Mark <meggleston () healthpart com> wrote:
What are folks doing about this patch:

"MS08-030 - Critical Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (951376)
* This vulnerability only affects systems with Bluetooth capability."

Given the classic risk formula (Risk = Threat x Vulnerability) it is logical to determine that if your desktops do not have Bluetooth functionality and users cannot install such devices, the attack vector is cut off, so the threat is mostly non-existent, thereby making the risk negligible.

I am leaning towards patching as just part of good patch management hygiene, but what would you do if you have no intention to deploy Bluetooth on your devices?

Regards,
Mark

This message, together with any attachments, is intended only for the use of the individual or entity to which it is addressed. It may contain information that is confidential and prohibited from disclosure. If you are not the intended recipient, you are hereby notified that any dissemination or copying of this message or any attachment is strictly prohibited. If you have received this message in error, please notify the original sender immediately by telephone or by return e-mail and delete this message along with any attachments, from your computer.

------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

No time or budget for traveling to a training course in this fiscal year? Check out the online information security courses available at InfoSec Institute. More than a boring "talking head", train in our virtual labs for a total hands-on training experience. Get the certs you need: CEH, CPT, CEPT, CISA, CISSP, CISM

http://www.infosecinstitute.com/request_online_training.html
------------------------------------------------------------------------