The 64-bit edition of Windows 7, its counterpart for servers, Windows Server 2008 R2, Itanium and declination of the latter are affected by a security hole located at the component cdd.dll (Canonical Display Driver).
Microsft says it could allow an attacker to trigger the execution of remote code on a target machine. The risk is however, more moderate, due to the random generation of memory addresses used by this component.
Until the release of a patch, users are invited, if they wish to protect themselves from possible exploitation of this vulnerability, disable Aero component that supports Windows Vista since the GUI system from Microsoft.
Used at the Windows desktop, as well as some third party applications, allows the driver to cdd.dll memory operate together data from interfaces DirectX and GDI (Windows graphics device interface, used before the arrival of DirectX).
No comments:
Post a Comment