Microsoft’s BlueBorne fix for CVE-2017-8628 arrived in both July and September
I read the news about the BlueBorne Bluetooth attack vector with a sigh of relief. Microsoft fixed the security hole back in July, yes?
Well, maybe no.
Dan Goodin at Ars Technica says:
Microsoft patched the vulnerabilities in July during the company’s regularly scheduled Patch Tuesday. Company officials, however, didn’t disclose the patch or the underlying vulnerabilities at the time.
Now I’m hearing from @MrBrian and other sources that may not be the case. Says @MrBrian:
The fixes for “CVE-2017-8628 | Microsoft Bluetooth Driver Spoofing Vulnerability” for some operating systems were apparently first delivered in July 2017, and for other operating systems in September 2017. Evidence: Look at when file bthpan.sys (https://support.microsoft.com/en-us/help/4034786/bluetooth-driver-spoofing-vulnerability) that was updated by Microsoft July 2017 or later was first made available for a given operating system.
Sure enough, if you go to that page and click the link “For all supported x-64 based systems,” you see that bthpan.sys was updated on July 14. But Microsoft’s official CVE-2017-8628 page lists dozens of patches, all of which were released on September 12.
Can anybody shed some light? If you click on the heading in this post and put something in the Comments box, they’ll appear! We just don’t have the Lounge (and bbPress) back.
Still no definitive word on when the Lounge will be back up. Argh.