MSI Bluetooth & XP SP2 native bluetooth support

I am getting sick and tired of Widcomm's software stack, my bluetooth device will stop working if the computer has been on for a while, it needs frequent resets, etc.
XPSP2 has native bluetooth support. Does this work with the MSI bluetooth devices, without installing any Widcomm stuff?

Thanks to the Secunia security mailing list for this bulletin:
Pentest Limited Security Advisory
WIDCOMM Bluetooth Connectivity Software Buffer Overflows
Advisory Details
Title: WIDCOMM Bluetooth Connectivity Software Buffer Overflows
Announcement date: 11 August 2004
Advisory Reference: ptl-2004-03
CVE Name: CAN-2004-0775
Products: WIDCOMM Bluetooth Connectivity Software
Vulnerability Type : Buffer Overflow
Vendor-URL: http://www.widcomm.com
Vendor-Status: Fixed in release 3.0
Remotely Exploitable: Yes
Locally Exploitable: N/A
Advisory URL: http://www.pentest.co.uk/documents/ptl-2004-03.html
Vulnerability Description
WIDCOMM's products provides a full range of Bluetooth connectivity
solutions for PCs, PDAs, mobile phones, headsets, digital cameras,
access points, and various output devices.
An unauthenticated remote attacker can submit various malformed service
requests via Bluetooth, triggering a buffer overflow and executing
arbitrary code on the vulnerable device.
On Windows platforms this allows arbitrary code execution under the
context of the currently logged on user account.
Vulnerable Versions
WIDCOMM supply their Bluetooth Communications software to other
companies to allow them to integrate Bluetooth technology into their
devices. They also supply Bluetooth SDK's to enable developers to create
applications that use Bluetooth. Therefore it may not be immediately
apparent that you are using the WIDCOMM Bluetooth software and version
numbers may vary.
WIDCOMM's website (http://www.widcomm.com/Partners/index.asp) reports
the following companies as customers or partners with WIDCOMM:
Logitech
Samsung Electro-Mechanics
Sony
Texas Instruments
Compaq Computer Corporation
Dell
National Semiconductor
Matsushita Electric Industrial Co., Ltd.
Wistron NeWeb Corporation
TDK Systems Europe
Zeevo
Cambridge Silicon Radio
Billionton
Broadcom Corporation
LG Innotek
MSI
Fujitsu Siemens Computers
Philips
Silicon Wave
Seiko Instruments Inc.
TECOM
Plantronics
Mobilian
Fujitsu Media Devices Limited
OKI Electric Industry Co. Ltd.
FIC
Costar
Brother
Alcatel
Atmel
Conexant Systems, Inc.
Microtune
OSK
Pentest Limited have tested for the reported vulnerabilities against
BTStackServer version 1.3.2.7 and 1.4.2.10  on both Windows XP and
Windows 98 which ships with MSI Bluetooth Dongles. We have also tested
this against an HP IPAQ 5450 running WinCE 3.0 with Bluetooth software
version 1.4.1.03.
Pentest Limited have also written a proof of concept exploit for Windows
XP.
Whilst the above platforms are the only platforms tested and confirmed
to be exploitable by Pentest Limited, discussions with the vendor lead
us to believe that are all versions prior to version BTW & BT-CE/PPC 3.0
are affected by this vulnerability.
WIDCOMM has not confirmed whether BT-PPC/Phone Edition, BT-Smartphone,
BTE-Mobile or BTE are vulnerable.
Vendor Status
WIDCOMM:
14-11-2003 - Initial Pentest Limited Notification
14-11-2003 - Notification acknowledged by WIDCOMM, request more detail
20-11-2003 - Pentest notify WIDCOMM of another vulnerability
06-01-2004 - Pentest send chase up Email without reply
13-01-2004 - Another email
13-01-2004 - WIDCOMM reply saying they are still working on it
21-01-2004 - Pentest email WIDCOMM that they have written a POC exploit
23-01-2004 - WIDCOMM reply saying they have resolved issue and fix
             will be available in next release.
10-02-2004 - Pentest ask for an update on expected release date
11-02-2004 - WIDCOMM plan February/early March realease date
29-03-2004 - Pentest ask for update
12-05-2004 - Pentest ask for update
12-07-2004 - Pentest send chase up Email without reply
26-07-2004 - Pentest ask whether a patches will be released for older
versions
03-08-2004 - WIDCOMM respond. No date set for new release and no patch
             will be made available for older versions.
Fix
Until version 3 of the WIDCOMM software becomes available from WIDCOMM
or their customers/partners Pentest Limited recommend that end users
stop using the vulnerable WIDCOMM Bluetooth software or set their
Bluetooth device configuration to be non-discoverable or hidden. This
will not stop the device from being vulnerable but it may limit the
exposure.
Credit
These vulnerabilities were discovered by Mark Rowe and Matt Moore from
Pentest Limited.

Similar Messages

  • I use a 2003 FW800 MDD desktop, with dual 1.25 GHz processors, and OS10.4.11, and with native Bluetooth card, won't recognize a newer Bluetooth Headphone set as an Input or Output device in System Preferences

    I use a Mac 2003 FW800 MDD desktop with dual 1.25 GHz processors, 2 GB memory, and a native Bluetooth card installed. I use OS10.4.11.  The FW800 was the only MDD that could use Bluetooth natively, as an optional installation.  I use the installed Bluetooth to run an Apple Aluminum Keyboard, and would like to use it with a new (2010) Samsung SBH-600 Bluetooth Headphone set, but, although the set will pair with the computer, and is recognized in both the System Profiler, and the Bluetooth section of System Preferences, it is not recognized in the Sound preferences section of System Preferences as either an Input or Output device.  Only the installed external Apple speakers are recognized.  I'd like to know if there is anything that can be done to make the Bluetooth system installed work with these headphones - either something that can be changed in the computer settings, or an added external Bluetooth device with different Bluetooth capabilities.

    It it may be that you are running either an outdated BT software or the firmware of the card is not up to date.
    What version is your BT software? Is it later than 1.5?
    http://support.apple.com/kb/DL1209
    Firmware:
    http://support.apple.com/kb/DL354
    Along with the firmware, it is likely that the headphones require a later BT revision than you are running. The headphones need rev.2.
    You may need to move to Leopard for support.
    http://support.apple.com/kb/DL889
    It also may be that headphone support is limited to iChat or the like in Tiger.....
    If you go to a USB BT dongle, D-Link often gets the nod as having native compatibility in OS X.

  • Bluetooth: Old - Handoff/Airdrop2 not supported

    After running EtreCheck got "Bluetooth: Old - Handoff/Airdrop2 not supported" .
    I'm trying to get airdrop to work with my  MacBook air. How to update the bluetooth if possible.
      iMac (27-inch, Mid 2011) (Technical Specifications)
        iMac - model: iMac12,2
        1 2.7 GHz Intel Core i5 CPU: 4-core
        20 GB RAM Upgradeable
            BANK 0/DIMM0
                8 GB DDR3 1333 MHz ok
            BANK 1/DIMM0
                8 GB DDR3 1333 MHz ok
            BANK 0/DIMM1
                2 GB DDR3 1333 MHz ok
            BANK 1/DIMM1
                2 GB DDR3 1333 MHz ok
        Bluetooth: Old - Handoff/Airdrop2 not supported
        Wireless:  en1: 802.11 a/b/g/n

    Unfortunately, you cannot update bluetooth.

  • Post ios6 up gradation my plantronics Bluetooth headphone is no more supported. Why ?

    Post ios6 up gradation, my plant tonics Bluetooth headphone is no more supported with my iPhone. Why?

    Post ios6 up gradation, my plant tonics Bluetooth headphone is no more supported with my iPhone. Why?

  • I cannot get my iPad Bluetooth to find another Bluetooth device

    I cannot get my iPad Bluetooth to find another Bluetooth device. I want to play scrabble with my iPad and iPhone and they do not see each other. Any ideas?

    Hello:
    The devices you mention have limited Bluetooth connectivity (peer-to-peer).
    http://support.apple.com/kb/HT3621
    Barry

  • HT204368 iphone5 bluetooth not connecting with bluetooth device

    Hi
    I am haveing problem to connect my bluetooth device with my iphone5.

    Supported Bluetooth Profiles  >  http://support.apple.com/kb/HT3647

  • Re: Native Language Support in Forte

    [email protected] wrote:
    I've been posed a question in the abstract about Forte's native language
    support. Does Forte support any languages other than C/C++? And if so,
    what are the limitations or caveats?
    Native Language Support could also mean the NLS standard which Forte supports. This
    provides for Internationalization (I18N) of a Forte application. This means a client
    application deployed in french, german, and english (for example), could all be making
    requests of the same Forte shared service and getting responses in the native language.
    We provide for changing the language/character set displayed both statically before the
    application starts, and dynamically change it while the application is running.
    If support native language support means ability for Forte to call existing application
    logic written in C/C++, then today you can "wrapper" C functions in a Forte Class,
    instantiate the class and "call-out" to the member functions (your c functions) directly
    from the 4GL object.
    C++ functions are a challenge due to cross platform C++ compiler issues which at a
    minimum include "name mangling" being non-standard for all the C++ compilers.
    However, you can "export" C++ class member functions as external "C" functions so that C
    code can call the function as if it was regular K&R or ANSI C.
    If other language support is required, I have customers on the East Coast which have
    successfully wrappered MicroFocus Cobol on HP-UX, and the ADA language. This is due to
    the concept of all 3GL languages today support the concept of allowing for their
    language to be called from 'C' (other possibilities are Pascal, Fortran, etc).
    Here the only caveat is you need to be aware of the other language's "boot-code" may be
    registering for operating system "signals" and not handling them appropriately. This
    rarely is an issue these days.
    If other language support means do we code generate our 4GL language to any language
    other than 'C++', the answer is currently "no".
    However, we do support exporting Service object definitions to environments like DCE,
    CORBA, Encinca (a TP monitor), and the WWW. In our next release we will complete our
    support for exporting services objects to Java. This will allow for Java applications to
    call upon the power of Forte's Shared Services architecture. Using this exporting
    concept, applications written in various other languages would be able to "call-in" to
    the Forte shared service from the ourside world.
    Didn't know what you were looking for. Hope the above hit the mark. If not, write me, or
    give me a call.
    Regards,
    jim

    Not exactly sure what you are asking. Can you rephrase your question?
    If your other server's locale is same as the one you configured then it should be ok.

  • How do i stream bluetooth from tv to bluetooth hearing aid?

    how do i stream bluetooth from tv to bluetooth hearing aid?

    I have my iphone streaming to my hearing hasaids using bluetooth, My TV has an audio out on the back, Can I purchase a blueooth TRANSMITTING device to through audio to my new bluetooth hearing aids?

  • Native AVCHD support

    We need native AVCHD support with no transcode option. if you have a quad or 8 core mac pro it will edit fine.. AVCHD is what the majority of prosumer cameras are and are going to be.. we want tapeless to save us the time and money, we shouldn't have to transcode it (though it should be an option)..
    I think apple should realized a free update to support it.. Avid has realized this already and has both native import and AMA support for AVCHD.. now when will Final cut pro? it's making me want to switch to Media composer.

    AVCHD not an editing codec. Supporting it would just mean your computer
    is wasting processing power doing something silly. It's smarter to
    transcode to an editing format and use your processor to do cool
    effects and stuff.
    geek3 wrote:
    everyone is going tapeless.
    DVCPRO HD is a professional tapeless codec
    that also works well as an editing codec.
    So is AVC-Intra.
    But not AVCHD.
    most people are getting avchd or dslr cameras
    It's a great way to get started in video, but
    the professionals who sometimes use AVCHD cameras
    know the difference between an acquisition codec
    and an editing codec.
    Here's some interesting discussion on the subject:
    http://forums.creativecow.net/thread/280/529
    And here's how to "fix" the moiré problems with DSLR footage:
    http://www.dvxuser.com/articles/article.php/20

  • Weblogic 8.1 SP2 does not support 'Order by' clause in EJB-QL

    It seems that Weblogic 8.1 SP2 does not support 'Order by' clause in EJB-QL. EJB 2.1 spec supports 'Order by' clause in EJB-QL. Am I right when I say that it indicates : "Weblogic 8.1 SP2 does not support EJB 2.1" ? In that case, what can be the alternative since I am using Weblogic 8.1 and I require 'Order by' clause in Ejb-QL as well.

    In WL 8.1 SP4 I can use the ORDERBY just fine.
    Try ORDERBY instead of Order by

  • Enabling (native) write support for NTFS

    I used NTFS-3G for writing on NTFS before, but because of this (https://discussions.apple.com/thread/4187322) i had to uninstall it.
    A while ago i heard something about OSX having native write support for NTFS.
    Is that even true? And if so, can i (and how) enable it on Mountain Lion?

    Tbassist4 wrote:
    Thank you. I've been looking at these two a little bit. NTFS-3g seemed like a pretty good choice at first, but I question the stability a little bit, as they do warn you that the project is experimental. Paragon actually looks like a good, safe solution, and also generally inexpensive, but I am trying to find out whether or not it will run on intel-based Macs, as it only lists system specs for running the program on a PPC-based Mac. I'll report the results as soon as I find out.
    On the System Requirements Page for Paragon it does say Intel. Actually it says x86 which are Intel processor architecture, plus on the box it shows the Universal logo on it (hard to see but it's there).
    David L.

  • When I try to open a document from my file on Mac OS X the following message appears, with the Bluetooth logo: 'SELECT A BLUETOOTH DEVICE ....Select a device to send file ...' I then have to go to the source of the document, e.g. Pages, to open the file.

    When I try to open a document from my file on Mac OS X the following message appears, with the Bluetooth logo: 'SELECT A BLUETOOTH DEVICE ....Select a device to send file ...' I then have to go to the source of the document, (e.g. Pages), to open the file. Please could someone help?

    The Get Info dialog should look something like this:
    The "Change All" button should be at the bottom of the "Open With" section.  This is how it appears in Snow Leopard.  Other OSX versions many be slightly different.
    If something is changing the setting back to something else you may have a deeper problem than I am able to help you with.  What is appearing in the Open with area before you correct it?
    If the problem is still persisting, instead of double clicking on the file to open it, try right or control clicking and then select Open With and choose the proper app from the list.

  • Native iSCSI support in OS X

    Is there any chance Apple will add native iSCSI support in OS X?

    You will not get any answers from Apple about future products or enhancements. Don't waste your breath asking them. You can send them feedback for an enhancement request using the Apple Feedback site. But you won't get any reply from them.
    If you wish to discuss rumors then try one of the many Mac rumor sites like macrumors.com

  • Bluetooth doesn't recognize bluetooth mouse

    Tried to follow instructions to have the Bluetooth in the laptop recognize the new Gearhead Bluetooth mouse. Computer can't find the mouse. The instruction said to:
    1) Turn Bluetooth on.
    2) Setup Bluetooth Device.
    3) Bluetooth Setup Assistant
    Nothing appears in the dialog box so I can't "continue". The powe switch has been turned on as well as the Bluetooth dongle. What else do I need to do so that the computer can find the mouse?

    You need to make sure Bluetooth is on both the computer and the mouse.
    You need to make sure the mouse is set to Discoverable mode.
    (How to do this will be included in the instructions with the mouse.)

  • [Solved] Can't send mails using mutt's native smtp support

    I read the wiki and interested in mutt's native smtp support, so I installed extra/cyrus-sasl and decided to give it a try.
    After search the online manual of muttrc, I add a few lines to my ~/.muttrc as follows:
    set my_pass='mysecretpass'
    set my_user=[email protected]
    set smtp_authenticators="digest-md5:cram-md5"
    set smtp_url=smtps://$my_user:$[email protected]
    Everything looks fine, until I sent a test mail. The mutt's status bar is always showing "sending message ..." for a long time, but nothing is sent. I felt frustrated.
    Can anyone give me a suggestion?  So much thanks.
    =======
    Edit: The problem resulted from improper options in muttrc, which I've commented. Because I'm using the native IMAP support of mutt, some original options have to be commented, such as:
    #set postponed=+drafts
    #set record=+sent
    P.S.
    The SMTP port of Google is 587, while the SMTPS port is 465. It's not necessary  to set this port manually.
    Last edited by cwjiof (2009-11-25 13:26:15)

    try adding a :587 on the end of the url.  i'm also not sure you even need /cyrus-sasl or the _authenticators bit.  i didn't, back before i moved to an msmtp mutt setup.

Maybe you are looking for