A security research firm has discovered a serious vulnerability in
WIDCOMM’s widely deployed Bluetooth Connectivity Software that could lead to
wireless delivery of malicious worms and viruses.
According to an advisory from
British security firm Pentest, an unauthenticated remote attacker could
exploit the flaw to submit malformed service requests via Bluetooth
trigger a buffer overflow.
Buffer overflows
hackers to execute arbitrary code on vulnerable systems.
In theory, security experts say, this could pave the way for the creation
of a wireless worm that spreads between PCs or PDAs using Bluetooth.
“Worms like this could spread very fast, especially in an environment
like a seminar or a conference,” said Jarno Niemela, a virus tracker at
F-Secure.
The WIDCOMM Bluetooth Communications software powers integrated Bluetooth
support on a range of devices. The company also supplies Bluetooth SDKs to
enable developers to create applications that use Bluetooth. WIDCOMM’s
partners include big-name technology firms like Logitech, Samsung, Sony,
Texas Instruments, Compaq and Dell.
Pentest said it tested the vulnerabilities against BTStackServer version
1.3.2.7 and 1.4.2.10 on both Windows XP and Windows 98, which ships with MSI
Bluetooth dongles. A proof-of-concept exploit was also provided.
Secunia rated the flaw as “highly critical” and noted that WIDCOMM plans
to provide a fix in an upcoming Version 3. Secunia also urged users to
limit exposure by configuring the Bluetooth device to be in either non-discoverable
or hidden mode.
The Bluetooth flaw warning comes on the heels of the recent discovery
of the first computer virus spreading via cell phone networks.
That worm was capable of scanning all accessible phones, using Bluetooth
technology to send itself.