Microsoft has noted that a graphics bug could allow hackers to take limited control of 64-bit Windows 7 machines. It says disabling Aero can block the problem, but that it’s unlikely to be exploited.
The vulnerability is in the 64-bit editions of Windows 7 and Windows Server 2008 R2 plus Windows Server 2008 on Itanium systems. The problem is with the Canonical Display Driver, which bridges the gap between Windows’ own graphic system and DirectX.
Microsoft notes that an exploit could cause the system to freeze and restart. It’s technically possible that a hacker could run code through the exploit, but this would be difficult thanks to Windows security techniques which randomize how data is arranged in a PC’s memory. Hackers would effectively be trying to redirect data without knowing where it starts off. For these reasons, Microsoft is classifying the bug with the lowest rating on its exploitability scale, meaning it considers it unlikely hackers will produce and share code which can reliably exploit the issue.
The company is working on a security update but says disabling Aero-based themes will completely block the loophole. To do this in Windows 7, users should right-click on the desktop, click on Personalize, then choose a new theme from the “Basic and High Contrast Themes” category such as Windows 7 Basic. Network administrators can make this change across their network by using the Group Policy Management Console.
Aero themes are switched off by default in Windows Server 2008, which makes sense as there’s not really much point having flashy graphics for managing servers.
It is also possible that third-party image viewing software could be affected by the bug. That would be done through a user either opening an infected image file with such software, or visiting a website hosting such a file, for example by clicking on a bogus link in an e-mail.
The vulnerability is in the 64-bit editions of Windows 7 and Windows Server 2008 R2 plus Windows Server 2008 on Itanium systems. The problem is with the Canonical Display Driver, which bridges the gap between Windows’ own graphic system and DirectX.
Microsoft notes that an exploit could cause the system to freeze and restart. It’s technically possible that a hacker could run code through the exploit, but this would be difficult thanks to Windows security techniques which randomize how data is arranged in a PC’s memory. Hackers would effectively be trying to redirect data without knowing where it starts off. For these reasons, Microsoft is classifying the bug with the lowest rating on its exploitability scale, meaning it considers it unlikely hackers will produce and share code which can reliably exploit the issue.
The company is working on a security update but says disabling Aero-based themes will completely block the loophole. To do this in Windows 7, users should right-click on the desktop, click on Personalize, then choose a new theme from the “Basic and High Contrast Themes” category such as Windows 7 Basic. Network administrators can make this change across their network by using the Group Policy Management Console.
Aero themes are switched off by default in Windows Server 2008, which makes sense as there’s not really much point having flashy graphics for managing servers.
It is also possible that third-party image viewing software could be affected by the bug. That would be done through a user either opening an infected image file with such software, or visiting a website hosting such a file, for example by clicking on a bogus link in an e-mail.
