CVE-2008-1453

Name of the Vulnerable Software and Affected Versions Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Vista versions Gold through SP1

Description A remote code execution issue exists in the Bluetooth stack due to incorrect handling of a large number of service description requests. This could allow an attacker to run code with elevated privileges, potentially taking complete control of an affected system. The attacker could then install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Windows XP versions SP2 through SP3, update to a version that correctly handles service description requests to prevent exploitation. For Microsoft Windows Vista versions Gold through SP1, update to a version that correctly handles service description requests to prevent exploitation. As a temporary workaround, consider disabling Bluetooth functionality until a patch is available.