Home Microsoft CVE-2011-1265
Back to Microsoft

CVE-2011-1265

Windows - Bluetooth Stack

Microsoft CVSS 8.8 Updated April 30, 2026

Executive Risk Summary

"The Bluetooth Stack in Microsoft Windows Vista SP1 and SP2 and Windows 7 Gold and SP1 is vulnerable to remote code execution via crafted Bluetooth packets. This vulnerability allows an attacker to execute arbitrary code on the affected system."

Anticipated Attack Path

  1. 1. Initial Exploitation: Attacker sends crafted Bluetooth packets to the vulnerable system
  2. 2. Privilege Escalation: Exploited code gains elevated privileges on the system
  3. 3. Lateral Movement: Attacker uses the compromised system to move laterally within the network

Am I Vulnerable?

  • Verify the presence of the Bluetooth Stack on Windows systems
  • Check for the existence of the vulnerability using the OVAL definition (oval:org.mitre.oval:def:12094)
  • Apply the patch from Microsoft (MS11-053) to remediate the vulnerability

Operational Audit Arsenal

Target Type Service
Target Asset bthservs
Standard Path C:\Windows\System32\bthservs.dll
PowerShell 
# 🛠️ Senior Engineer Universal Audit
# Target: bthservs (Service)
$Targets = 'bthservs'
$SearchPaths = @("$env:windir\System32", "$env:ProgramFiles", "${env:ProgramFiles(x86)}")

Get-ChildItem -Path $SearchPaths -Include $Targets -Recurse -ErrorAction SilentlyContinue | 
Select-Object FullName, @{Name="Version";Expression={$_.VersionInfo.ProductVersion}}

Patch Impact Forecast

Reboot Required Likely

Minimal, but may require a system restart

Internal Work Notes

Apply MS11-053 patch to Windows systems to remediate Bluetooth Stack vulnerability (CVE-2011-1265), which allows remote code execution via crafted Bluetooth packets.

Technical Intelligence & Operational Utilities • Delivered Weekly

Intelligence Sources

Official Advisoryhttp://www.us-cert.gov/cas/techalerts/TA11-193A.html
MSRC Advisoryhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-053
Official Advisoryhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12094
Official Advisoryhttp://www.us-cert.gov/cas/techalerts/TA11-193A.html
MSRC Advisoryhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-053
Official Advisoryhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12094

Related Microsoft Threats

CVE-2026-42901 CVSS 10

Microsoft Entra ID
CVE-2025-65041 CVSS 10

Microsoft Partner Center
CVE-2026-31957 CVSS 10

Microsoft Azure Entra ID and Intune - Himmelblau
Data compiled from NVD, MSRC, and CISA KEV Catalog. Intelligence synthesized via AI. Scripts provided for diagnostic purposes under MIT License.