Security hole found in Windows 7 display driver

The latest security advisory from Microsoft highlights a vulnerability in the company’s newest operating system – Windows 7 – that could allow for remote code execution and denial of service attacks. However, Microsoft believes that the flaw has not yet been exploited.

According to a blog posting from Microsoft’s Jerry Bryant, who is group manager for the Microsoft Security Response Center, the cdd.dll “is used by the desktop composition to blend the Windows Graphics Device Interface and DirectX drawing”, and only affects Windows systems that have installed the company’s Aero theme.

Although it has issued an advisory, Microsoft contends that remote code execution is unlikely. Bryant adds: “If exploited, it would likely cause the affected system to stop responding and restart. Code execution, while possible in theory, would be very difficult due to memory randomization both in kernel memory and via Address Space Layout Randomization (ASLR).”

Microsoft said it is currently investigating the exploit and will issue a security patch shortly. It is advising customers to disable the Windows Aero theme to temporarily protect against this vulnerability.

What’s hot on Infosecurity Magazine?