Microsoft warns of Windows 7 graphics flaw
By Barry Collins
Posted on 19 May 2010 at 09:17
A flaw with the graphics driver in Windows 7 could compromise the stability and security of PCs, Microsoft has warned.
The vulnerability lies in the Windows Canonical Display Driver (cdd.dll) for the 64-bit versions of Windows 7 and Windows Server 2008 R2.
"If exploited, it would likely cause the affected system to stop responding and restart," Jerry Bryant, group manager of response communications warns on the Microsoft Security Response Center blog. "Code execution, while possible in theory, would be very difficult due to memory randomisation, both in kernel memory and via Address Space Layout Randomisation (ASLR)."
Top five stories on PC Pro
1. Palm Pre Plus: first look review
2. Mozilla founder is right: Firefox has lost it
Microsoft claims that the vulnerability only affects machines running the Aero graphics interface, and advises that customers "may choose to disable Windows Aero as a workaround to protect against potential threats" until the company releases a fix.
That said, Microsoft claims that the chances of the flaw being exploited in the wild are low, and have awarded the bug the lowest possible score on its Exploitability Index.
Further details of the flaw can be found in Microsoft's security advisory.
From around the web
advertisement
- How to install Internet Explorer 9
- Maintaining and supporting IE9
- Plan your deployment
- Creating a custom browser package
- Search in corporate environments
- Dear Sony, Samsung and every other tech company in the world: stop trying to be Apple
- Will Apple's Final Cut Pro X update placate the pros?
- Smartr Contacts for iPhone review
- Switching to Office 365's Outlook Web App
- Amazon Kindle Fire review: first look
- Lytro light-field camera: first look
- CES: Why booth babes are bad marketing
- Ice Cream Sandwich on the Transformer Prime review: first look
- Samsung Galaxy Tab 7.7: first-look review of the best tablet at CES
- 3D printing: undeniably cool, but lacks a killer app
- Paying for your crimes with Bitcoin
- Pavement hacking: What it is and how to avoid it
- Google's risky pre-loaded pages
- Mac under attack: how secure is Apple's OS?
- Has your browser been hijacked?
- Can you send a truly anonymous email?
- Is it safe to send bank details over email?
- Sainsbury's Bank bans password storage
- MobileMe triggers credit card blocks
- How to stay safe against session hijacking
advertisement
Printed from www.pcpro.co.uk