0
0 0 0 0 0 0
0
0 0
Message
0ID:
0PW:
0forget pwd? | Join now
0
0
0
Online: Member 2 Guest 95
0
0
0


0
MSN: test104tw@hotmail.com
0
0
  • CISA Q & A 680 Questions. (2/1/2019)
  • ISC2 CISSP Q & A 1367 Questions. (1/31/2019)
  • CISCO 300-101 Q & A 579 questions. (1/29/2019)
  • CISCO 300-115 Q & A 391 questions. (1/28/2019)
  • CISCO 300-135 Q & A 213 questions. (1/28/2019)
  • Microsoft 70-740 Q & A 165 Questions. (1/24/2019)
  • Microsoft 70-411 Q & A 301 Questions. (1/18/2019)
  • Microsoft 70-333 Q & A 67 Questions. (12/25/2018)
  • Microsoft 70-332 Q & A 97 Questions. (12/19/2018)
  • Microsoft 70-414 Q & A 160 Questions. (12/7/2018)
  • Microsoft 70-764 Q & A 100 Questions. (12/5/2018)
  • Microsoft 70-743 Q & A 134 Questions. (12/3/2018)
  • Microsoft 70-743 Q & A 145 Questions. (11/27/2018)
  • Microsoft 70-765 Q & A 155 Questions. (11/22/2018)
  • EC-Council 312-49 V9 Q & A 517 Questions. (10/30/2018)
  • CWNP CWNA107 Q & A 192 Questions. (10/25/2018)
  • ISC2 CISSP Q & A 1175 Questions. (10/12/2018)
  • ISC CSSLP Q & A 210 Questions. (10/12/2018)
  • ISC GAP Q & A 235 Questions. (10/12/2018)
  • Microsoft 70-461 Q & A 304 Questions. (10/11/2018)
0
0
0
Name:
E-mail:
Telephone:
CheckCode: 0

Suggestions & Questions:

 

0
0
0
::Visitors::
001659725

 

 

Microsoft issues advisory for Windows display driver flaw[5/21/2010]
[TextSizeBig Middle Small][Print]
Microsoft has issued a security advisory, Tuesday, warning users of a publicly reported vulnerability in the Windows Canonical Display Driver, a Windows component used to handle graphics and DirectX drawing in games and other software programs.

The vulnerability affects Windows 7 and Windows Server 2008 systems. So far, the biggest risk posed by the vulnerability is a potential to cause a system to crash and restart, Microsoft said.


"We've deduced so far that reliable exploit code is unlikely," wrote Jerry Bryant group manager of Microsoft response communications in the Microsoft Security Response Center Blog. "We're currently developing a security update for Windows that will address the vulnerability."

Microsoft engineers called successful exploitation of the display driver error tricky and said it cannot be exploited remotely. An attacker would need to write executable content to a specific space in kernel memory. Address Space Layout Randomization (ASLR), a security feature enabled by default in Windows Vista, Windows Server 2008 and Windows 7, makes a successful exploitation even more difficult.


The engineers were able to successfully exploit the flaw locally on a Windows 7 64-bit computer with the Aero Glass theme enabled. They warned that there is potential for an attacker to exploit the vulnerability using a malicious image with a third-party image viewer.

As a workaround, Microsoft recommends temporarily disabling the Aero Glass theme.



0