Описание
Windows Bluetooth Driver Elevation of Privilege Vulnerability
Обходное решение
The following workaround may be helpful in your situation. In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible even if you plan to leave this workaround in place:
Disable the ability of child keys to allow full owner or creator permissions
Note Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk. For information about how to edit the registry, view the "Changing Keys and Values" Help topic in Registry Editor (Regedit.exe) or view the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe.
- Click Start, click Run, type Regedit in the Open box, and then click OK.
- Locate and then click the following registry subkey:
HKLM: \SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters
- Open Permissions
- Open Advanced
- Click Disable inheritance
- Select Convert to explicit
- Remove Creator/Owner from the Permissions.
Impact of workaround
All child keys will no longer allow full owner or creator permissions, but will still allow subkeys to be created by an arbitrary user through settings. Authorized users with system or admin privileges will still have whatever permissions are expected.
How to undo the workaround
- Click Start, click Run, type Regedit in the Open box, and then click OK.
- Locate and then click the following registry subkey:
HKLM: \SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters
- Open Permissions
- Open Advanced
- Click Allow inheritance
- Re-add creator owner
- Click Apply
- If desired, remove duplicate entries.
FAQ
What privileges could be gained by an attacker who successfully exploited the vulnerability?
An authorized local attacker could exploit this Windows Bluetooth driver vulnerability by programmatically running certain functions to arbitrarily gain registry key creation and deletion in the bthport.sys driver.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Windows 7 for 32-bit Systems Service Pack 1 | ||
| Windows 7 for x64-based Systems Service Pack 1 | ||
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | ||
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | ||
| Windows Server 2012 | ||
| Windows Server 2012 (Server Core installation) | ||
| Windows 8.1 for 32-bit systems | ||
| Windows 8.1 for x64-based systems | ||
| Windows Server 2012 R2 | ||
| Windows RT 8.1 | - |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
7.8 High
CVSS3
Связанные уязвимости
Windows Bluetooth Driver Elevation of Privilege Vulnerability
Windows Bluetooth Driver Elevation of Privilege Vulnerability.
Уязвимость драйвера Windows Bluetooth Driver операционной системы Windows, позволяющая нарушителю повысить свои привилегии
EPSS
7.8 High
CVSS3