Windows 7 x64 And Server 2008 R2 Vulnerability Emerges

    Windows 7 x64 And Server 2008 R2 Vulnerability Emerges


    Posted: 19 May 2010
    Security Advisory 2028859 Released

    Hello all. As we start the week we’re investigating a publicly reported vulnerability in the Windows Canonical Display Driver (cdd.dll) and have released Security Advisory 2028859 to describe our findings. We’re not aware of any current customer impact as a result of the issue.

    The Canonical Display Driver is used by desktop composition to blend the Windows Graphics Device Interface (GDI) and DirectX drawing. The vulnerability affects Windows 7 x64, Windows Server 2008 R2 x64, and Windows Server 2008 R2 for Itanium systems. If exploited, it would likely cause the affected system to stop responding and restart. Code execution, while possible in theory, would be very difficult due to memory randomization both in kernel memory and via Address Space Layout Randomization (ASLR). Additionally, this vulnerability only affects Windows systems if they have the Aero theme installed; Aero is not switched on by default in Windows Server 2008 R2, nor does 2008 R2 include Aero-capable graphics drivers by default.

    With that in mind, we are giving this vulnerability a preliminary Exploitability Index rating of 3, meaning we’ve deduced so far that reliable exploit code is unlikely. We’re currently developing a security update for Windows that will address the vulnerability. In the meantime, customers may choose to disable Windows Aero as a workaround to protect against potential threats. With Aero disabled, the path by which cdd.dll can be exploited is bypassed.

    We are also actively working with partners in our Microsoft Active Protections Program (MAPP) and have provided them with in-depth information on the issue so they can provide broader protections to customers. To see if your security vendor is a member of MAPP, please visit our MAPP Partners page. As ever, we encourage all Windows users to apply the latest Microsoft security updates to help make sure their computers are as protected as possible.

    The Microsoft Security Response Center (MSRC) : Security Advisory 2028859 Released

    Microsoft Security Advisory (2028859): Vulnerability in Canonical Display Driver Could Allow Remote Code Execution

    A Guy
    A Guy's Avatar Posted By: A Guy
    19 May 2010



 

  Related Discussions
As my final project for the year i am setting up a server that we will eventually move all our computers on to. I am using a poweredge 2900 as a server with windows server 2008 installed. As of now i have 2 computers connected to the domain which they can log on to. - what i need help with -...
I have a file server at home with a Quad core, 4gb ram, and a 3tb of storage. It is running Ubuntu Desktop and sharing video files primarily. From my school I have access to a free copy of Windows Server 2008 R2. Other than the server I have 2 Windows 7 desktops, 1 Windows 7 laptop and 1 Windows...
Hi all Have been a LONG LONG user of Linux as a server (hosting VM's XP / W7 mix) and file / print sharing. I used to avoid MS like the plague as far as SERVER environments are concerned - probably because my first experince was Windows NT (Windows NeanderThal or Windows No Thanks) which was...
I'm trying to decide between Windows Home Server and Windows Server 2008 R2 for my home server PC. Ordinarily it would be a clear cut choice, but I've got a free copy of Server 2008 R2 through my academic MSDN subscription. I'd like to avoid spending extra money if Server 2008 R2 would do the job....
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 19:00.
Find Us