|18 May 2010||#1|
| || |
Security Advisory 2028859 Released
Hello all. As we start the week we’re investigating a publicly reported vulnerability in the Windows Canonical Display Driver (cdd.dll) and have released Security Advisory 2028859 to describe our findings. We’re not aware of any current customer impact as a result of the issue.
The Canonical Display Driver is used by desktop composition to blend the Windows Graphics Device Interface (GDI) and DirectX drawing. The vulnerability affects Windows 7 x64, Windows Server 2008 R2 x64, and Windows Server 2008 R2 for Itanium systems. If exploited, it would likely cause the affected system to stop responding and restart. Code execution, while possible in theory, would be very difficult due to memory randomization both in kernel memory and via Address Space Layout Randomization (ASLR). Additionally, this vulnerability only affects Windows systems if they have the Aero theme installed; Aero is not switched on by default in Windows Server 2008 R2, nor does 2008 R2 include Aero-capable graphics drivers by default.
With that in mind, we are giving this vulnerability a preliminary Exploitability Index rating of 3, meaning we’ve deduced so far that reliable exploit code is unlikely. We’re currently developing a security update for Windows that will address the vulnerability. In the meantime, customers may choose to disable Windows Aero as a workaround to protect against potential threats. With Aero disabled, the path by which cdd.dll can be exploited is bypassed.
We are also actively working with partners in our Microsoft Active Protections Program (MAPP) and have provided them with in-depth information on the issue so they can provide broader protections to customers. To see if your security vendor is a member of MAPP, please visit our MAPP Partners page. As ever, we encourage all Windows users to apply the latest Microsoft security updates to help make sure their computers are as protected as possible.
We will continue to share updates on this blog and through our Twitter feed (@msftsecresponse).
Group Manager, Response Communications
*This posting is provided "AS IS" with no warranties, and confers no rights*
Security Advisory 2028859 addresses a vuln in the Canonical Display Driver (cdd.dll), a 3 on the exploitability index.
|My System Specs|
|Similar help and support threads for2: Security Advisory 2028859 Released|
|Fix it Released for Security Advisory 2286198||News|
|Security Advisory 2286198 Released||Windows Updates & Activation|
|Security Advisory 983438 Released||News|
|Security Advisory 981374 Released||News|
|Security Advisory 981169 Released||News|
|Security Advisory 980088 Released||News|
|Security Advisory 979682 Released||News|