Microsoft confirms graphics engine flaw

Jan 5, 2011 12:36 PM
Filed under Security
 

Out-of-band patch unlikely.

Microsoft has confirmed the existence of a vulnerability affecting the graphics rendering engine of some Windows operating systems.

The Redmond giant said it was working on a patch but that it was unlikely to be released separately as an emergency out-of-band update.

"We are not aware of any affected customers, nor of any active attacks targeting customers [using this vulnerability]," Microsoft's senior marketing communications manager for trustworthy computing Angela Gunn said.

The vulnerability was first disclosed at a security conference in South Korea last month, according to the SANS Technology Institute.

According to the Institute's Johannes Ullrich, the vulnerability affected all current versions of Windows, barring Windows 7 and 2008 R2.

"The vulnerability is exploited via malicious thumbnail images that may be attached to various documents (e.g. Microsoft Office documents)," Ullrich stated.

"The most likely exploit vector would use e-mail attachments. However, it is also possible to use network shares."

Copyright © iTnews.com.au . All rights reserved.


Microsoft confirms graphics engine flaw
Tags
microsoft, graphics, engine, flaw, windows, vista, xp, server2003, sans, institute
Related Articles
Breaking Stories
 
 
 
 
Top Stories
Review: Microsoft Surface Pro
Review: Microsoft Surface Pro
A year is a long time in the computer hardware business.
 
 
NBN Co could miss revised June fibre targets
NBN Co could miss revised June fibre targets
Analysis: Cutting it fine in the race to the line.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...

Latest VideosSee all videos »

iTnews Academy: Microsoft Windows Server 2012 - Hyper-V
iTnews Academy: Microsoft Windows Server 2012 - Hyper-V
Interview: Australia's 'cloud-last' policy is dangerous.
Interview: Australia's 'cloud-last' policy is dangerous.
Interview: Vivek Kundra on Australia's 'cloud last' policy
Bankwest builds continuous delivery capability
Bankwest builds continuous delivery capability
To automatically deploy test/dev sandboxes by mid-year.
Veterans' Affairs sets sights on modernisation
Veterans' Affairs sets sights on modernisation
Data safe with Human Services, CIO says.
Citi Australia drops platform customisations
Citi Australia drops platform customisations
Technology chief shifts focus from building to leveraging systems.
VicRoads restructures IT team
VicRoads restructures IT team
Department moves to align with industry benchmarks.
Zurich Australia extends IT team offshore
Zurich Australia extends IT team offshore
Malaysian staff served from Australian data centres.
Leigh Berrell - Utilities CIO of the Year
Leigh Berrell - Utilities CIO of the Year
Yarra Valley Water CIO Leigh Berrell accepts his Benchmark Award for Utilities CIO of the Year.
Wayne McMahon - Retail CIO of the Year
Wayne McMahon - Retail CIO of the Year
Domino's Pizza CIO Wayne McMahon accepts his Benchmark Award for Retail CIO of the Year.
Inside Perpetual's ongoing IT transformation
Inside Perpetual's ongoing IT transformation
CIO Jenny Levy discusses how outsourcing will help the firm "simplify, refocus and grow".
Managing Complexity - Defence's Daniel McCabe
Managing Complexity - Defence's Daniel McCabe
Daniel McCabe, Assistant Secretary of Australia's Department of Defence, provides the audience at the iTnews Data Centre Strategy Summit with a deep dive into the organisation's data centre consolidation program.
How Facebook designed the data centre from scratch - Marco Magarelli
How Facebook designed the data centre from scratch - Marco Magarelli
The full keynote by Facebook data centre architect Marco Magarelli at the Australian Data Centre Strategy Summit. Magarelli details the design considerations behind the social network's Prineville, Oregon; North Carolina and Luleå, Sweden data centres.
Modernising Legacy Data Centres - Telstra's Jon Curry
Modernising Legacy Data Centres - Telstra's Jon Curry
Telstra general manager of managed data centres Jon Curry guides the audience at the iTnews Australian Data Centre Summit through the build of the telco's Clayton, Victoria data centre.
NSW Government launches NABERS data centre rating tools
NSW Government launches NABERS data centre rating tools
Matthew Clark from the NSW Department of Environment guides facilties managers through the details of the new NABERS data centre energy rating tool at the Australian Data Centre Strategy Summit.
NABERS launch panel: Australian Data Centre Strategy Summit
NABERS launch panel: Australian Data Centre Strategy Summit
Matthew Clark (NSW Dept of Environment), Greg Boorer (Canberra Data Centres), Glenn Allan (National Australia Bank), Mike Andrea (Strategic Directions) and Bob Sharon (Green Global Consulting) discuss the impact of the NABERS data centre rating.
Judges notes: Fortescue Metals [The Benchmark Awards]
Judges notes: Fortescue Metals [The Benchmark Awards]
iTnews' panel of judges discuss Fortescue Metals 'New World of Work" project, one of three shortlisted finalists for the Industrials category of the CIO Benchmark Awards.
Judges notes: Retail [The Benchmark Awards]
Judges notes: Retail [The Benchmark Awards]
iTnews' panel of judges discuss the shortlisted finalists for the Retail category of the CIO Benchmark Awards.
Judges notes: Pacific Aluminium [The Benchmark Awards]
Judges notes: Pacific Aluminium [The Benchmark Awards]
iTnews' panel of judges discuss Pacific Aluminium's lightning fast service desk refresh, one of three shortlisted finalists for the Industrials category of the CIO Benchmark Awards.
Judges notes: Domino's Pizza [The Benchmark Awards]
Judges notes: Domino's Pizza [The Benchmark Awards]
iTnews' panel of judges discuss Domino's Pizza's shift to hosted services, one of three shortlisted finalists for the Retail category of the CIO Benchmark Awards.
Judges notes: McDonald's Australia [The Benchmark Awards]
Judges notes: McDonald's Australia [The Benchmark Awards]
iTnews' panel of judges discuss McDonald's Australia's new self-service portal for employees, one of three shortlisted finalists for the Retail category of the CIO Benchmark Awards.
Latest articles on BIT Latest Articles from BIT
Xero releases an update to help take some of the stress out of tax time
Jun 20, 2013
Tax is the focus of the new Xero upgrade, and just in time for the end of the financial year
How to use Microsoft OneNote to organise your minutes, memos and more
Jun 18, 2013
You might already have OneNote, but you might have never used it. Here's how to use it to ...
Microsoft’s new Office Mobile app for iPhone looks handy, but there’s a catch
Jun 17, 2013
Click here to see what the biggest hurdle to using Microsoft's just-announced Office Mobile app ...
A handy app for finding the cheapest parking
Jun 14, 2013
This app takes the hassle and the cost out of finding a car park in the city. It is available on ...
Small business rallying cry continues before election
Jun 13, 2013
Hate paperwork? Find taxes too complicated? Then the organisers of this nation-wide petition ...
Latest Comments
Powered by Disqus
Polls
Will you quit any cloud services in light of PRISM?
   |   View results
Yes
  59%
 
No
  41%
TOTAL VOTES: 86

Vote
view previous polls »