|19 May 2010||#1|
| || |
Windows 7 x64 And Server 2008 R2 Vulnerability Emerges
Security Advisory 2028859 Released
Hello all. As we start the week we’re investigating a publicly reported vulnerability in the Windows Canonical Display Driver (cdd.dll) and have released Security Advisory 2028859 to describe our findings. We’re not aware of any current customer impact as a result of the issue.
The Canonical Display Driver is used by desktop composition to blend the Windows Graphics Device Interface (GDI) and DirectX drawing. The vulnerability affects Windows 7 x64, Windows Server 2008 R2 x64, and Windows Server 2008 R2 for Itanium systems. If exploited, it would likely cause the affected system to stop responding and restart. Code execution, while possible in theory, would be very difficult due to memory randomization both in kernel memory and via Address Space Layout Randomization (ASLR). Additionally, this vulnerability only affects Windows systems if they have the Aero theme installed; Aero is not switched on by default in Windows Server 2008 R2, nor does 2008 R2 include Aero-capable graphics drivers by default.
With that in mind, we are giving this vulnerability a preliminary Exploitability Index rating of 3, meaning we’ve deduced so far that reliable exploit code is unlikely. We’re currently developing a security update for Windows that will address the vulnerability. In the meantime, customers may choose to disable Windows Aero as a workaround to protect against potential threats. With Aero disabled, the path by which cdd.dll can be exploited is bypassed.
We are also actively working with partners in our Microsoft Active Protections Program (MAPP) and have provided them with in-depth information on the issue so they can provide broader protections to customers. To see if your security vendor is a member of MAPP, please visit our MAPP Partners page. As ever, we encourage all Windows users to apply the latest Microsoft security updates to help make sure their computers are as protected as possible.
The Microsoft Security Response Center (MSRC) : Security Advisory 2028859 Released
Microsoft Security Advisory (2028859): Vulnerability in Canonical Display Driver Could Allow Remote Code Execution
|My System Specs|
|Similar help and support threads for2: Windows 7 x64 And Server 2008 R2 Vulnerability Emerges|
|Setting up home network server using windows server 2008 R2||Network & Sharing|
|Best Antivirus in server windows 2008 server 2008 r2||System Security|
|Help choose: Windows Home Server 2011 vs. Windows Server 2008 R2||Software|
|What do you suggest: Windows Home Server 2011 vs. Windows Server 2008||Software|
|Windows 2008 Server or Linux for server||Network & Sharing|
|Windows home server vs Server 2008 R2||Software|
|New Windows 0-day vulnerability emerges, bypasses UAC||Security News|