Canonical Display Driver Vulnerability
Microsoft released a security advisory [1] with details about a so far unpatched vulnerability in the canonical display driver. All system with the "Aero" theme enabled are vulnerable.
Theoretically, code execution is possible, but according to Microsoft unlikely. However, the vulnerability would allow a DoS attack by crashing the system. The quick fix for the problem is to turn off aero.
[1] http://www.microsoft.com/technet/security/advisory/2028859.mspx
------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter
My next class:
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
×
Diary Archives
Comments
Windows 7 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems**
Windows Server 2008 R2 for Itanium-based Systems
All systems with the Aero theme enabled are not vulnerable, according to the advisory. Only Win 7 x64 & Win Server 2008 R2 x64/Itanium.
Scott
May 19th 2010
1 decade ago