Windows 7 64-bit And Windows Server 2008 R2 Vulnerability Emerges

Martin Brinkmann
May 19, 2010
Updated • Jun 11, 2014
Security, Windows 7
|
3

The Microsoft Security Response team published a security advisory yesterday. The team is investigating a publicly reported vulnerability that is affecting 64-bit editions of Windows 7 and Windows Server 2008 R2 as well as Windows Server 2008 R2 for Itanium systems.

The vulnerability was discovered in the Windows Canonical Display Driver (cdd.dll) which is used by "desktop composition to blend the Windows Graphics Device Interface (GDI) and DirectX drawing".

The vulnerability received a preliminary Exploitable Index rating of 3:

Although it is possible that the vulnerability could allow code execution, successful code execution is unlikely due to memory randomization. In most scenarios, it is much more likely that an attacker who successfully exploited this vulnerability could cause the affected system to stop responding and automatically restart.

The vulnerability is only affecting Windows systems with the Windows Aero theme installed and in use. Windows Aero is not the default theme in Windows Server 2008 R2.

Microsoft's suggested action is to disable the Windows Aero theme for the time being until a security patch for the vulnerability is released.

To disable Windows Aero by changing the theme, perform the following steps for each user on a system:
1.
Click Start, select the Control Panel, and then click on Appearance and Personalization.
2.
Under the Personalization category, click on Change the Theme.
3.
Scroll to the bottom of the listed themes and select one of the available Basic and High Contrast Themes.

The security advisory and the blog post announcing the security vulnerability contain additional information.

Update: The 64-bit vulnerability has been patched. Windows users who have downloaded all recent security patches for their operating system, or installed the first Service Pack for it, are safe from the exploit. Users who have disabled the Aero theme because of the exploit can turn it back on. This is done by following the same steps outlined above.

Advertisement

Related content

Intel

Microsoft publishes new Registry security mitigation for Intel processors (Spectre)

KeePassXC adds support for Passkeys, improves database import from Bitwarden and 1Password
Malwarebytes 5

First look at Malwarebytes 5.0
RustDoor malware targets macOS users by posing as a Visual Studio Update

RustDoor malware targets macOS users by posing as a Visual Studio Update
keys

KeePass 2.56 released: options search and history improvements
70 million account credentials were leaked in a massive password dump

70 million account credentials were leaked in a massive password dump

Tutorials & Tips

How to verify link targets before you click on links

Diagnosing and Repairing Difficult Problems in Windows 7 Free Webcast

Setting up and Configuring a New PC, Free eBook

How to Install XP Mode on Windows 7 without Virtualization


Previous Post: «
Next Post: «

Comments

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.

Advertisement

Spread the Word

Advertisement

Hot Discussions

Advertisement

Recently Updated

Latest from Softonic

Advertisement

About gHacks

Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.

The name and logo of Ghacks are copyrights or trademarks of SOFTONIC INTERNATIONAL S.A.
Copyright SOFTONIC INTERNATIONAL S.A. © 2005- 2024 - All rights reserved