Microsoft warns of unpatched Windows driver flaw

By

Several versions affected.

Microsoft has disclosed a publicly known vulnerability in its Canonical Display Driver, which is used by the Windows desktop composition feature to blend drawings created in Graphics Device Interface and DirectX.

Systems running Windows 7 64-bit, Server 2008 R2 64-bit and Server 2008 R2 for Itanium are subject to the vulnerability, according to an advisory

The flaw can lead to remote code execution, but that is unlikely because reliable exploit code would be difficult to create, Jerry Bryant, group manager of response communications at Microsoft, said in a blog post. Users are more likely to experience an unresponsive system that keeps rebooting.

"Code execution, while possible in theory, would be very difficult due to memory randomization both in kernel memory and via Address Space Layout Randomization," Bryant said. "Additionally, this vulnerability only affects Windows systems if they have the Aero theme installed."

Aero is the graphical user interface installed in most editions of Windows 7 and Vista. However, it is not turned on by default in Server 2008 R2.

For those running systems on which Aero is switched on, users may want to disable it as a workaround, Bryant said.

"With Aero disabled, the path by which cdd.dll (Canonical Display Driver) can be exploited is bypassed," he said.

Microsoft is working on a patch. The software giant's next batch of fixes is due June 8.

See original article on scmagazineus.com

Microsoft warns of unpatched Windows driver flaw
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Victoria's Secret pulls down website amid security incident

Victoria's Secret pulls down website amid security incident

Log In

  |  Forgot your password?