Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Canonical Display Driver Vulnerability SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Canonical Display Driver Vulnerability

Microsoft released a security advisory [1] with details about a so far unpatched vulnerability in the canonical display driver. All system with the "Aero" theme enabled are vulnerable.

Theoretically, code execution is possible, but according to Microsoft unlikely. However, the vulnerability would allow a DoS attack by crashing the system. The quick fix for the problem is to turn off aero.

[1] http://www.microsoft.com/technet/security/advisory/2028859.mspx

 

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

I will be teaching next: Defending Web Applications Security Essentials - SANS San Francisco Spring 2020

Johannes

3753 Posts
ISC Handler
Affected Software

Windows 7 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems**
Windows Server 2008 R2 for Itanium-based Systems

All systems with the Aero theme enabled are not vulnerable, according to the advisory. Only Win 7 x64 & Win Server 2008 R2 x64/Itanium.
Anonymous

Sign Up for Free or Log In to start participating in the conversation!