Microsoft Warns of Win 7 Graphics Security Hole

A newly disclosed Windows 7 graphics flaw could cause users of the 64-bit OS to experience non-responsive systems, restarts and unauthorized code execution.

Microsoft explained in Security Advisory 2028859 that the vulnerability lies in the Canonical Display Driver (cdd.dll), which desktop composition uses to blend Windows Graphics Device Interface (GDI) and DirectX drawing. It affects Windows 7 x64, Windows Server 2008 R2 x64, and Windows Server 2008 R2 for Itanium systems.

Microsoft says there is little cause for worry because code execution would be "very difficult due to memory randomization both in kernel memory and via Address Space Layout Randomization (ASLR)." Still, those who are concerned can disable Aero visual effects to keep the flaw at bay until Microsoft issues a fix.

Marcus Yam
  • joytech22
    Not unexpected, Windows has always been the vulnerable OS because of its dominance, careful users and those with proper security software/settings should be fine :)
  • elel
    "Canonical Display Driver"?! Did Microsoft get a sense of humor?
  • huron
    Agreed...there are numerous bugs, especially since Microsoft has looked to play with most hardware and software and as stated are the big player in the market (particularly business).

    I don't think we'll ever get to perfectly secure coding, so bugs/security holes will continue to exist.
  • Oh goodie, I knew there was a reason I always disabled Aero.
  • dalta centauri
    Great, so we don't have a worry. I just thought the title meant something completely different.
  • megahustler
    I run Win7 64-bit Pro, and MSSE real-time protection never fails at causing my computer to freeze up completely. I should probably check if disabling Aero fixes that.
  • randomizer
    9208995 said:
    Not unexpected, Windows has always been the vulnerable OS because of its dominance, careful users and those with proper security software/settings should be fine :)
    Dominance makes an OS vulnerable to attack, but it doesn't contribute to vulnerabilities in the design. That's just a development fault which needs to be corrected.
  • tpi2007
    I have Kaspersky Internet Security installed on Win 7 64-bit Home Premium and two days ago Aero turned itself off automatically, then the PC was unresponsive for about two minutes, then it came back on, it was very weird.

    What I know is that at random hours, the system becomes unstable, Flash videos work very slowly, Firefox does not render the menus in time (takes about 1 minute to render a menu)... I was starting to think something was wrong... maybe it's this.

    Anyway, I just turned off Aero for now.

    This goes to show that the 64-bit versions of Windows are not more secure than the 32-bit ones by default. Every version has its own strengths and weaknesses.
  • matt314
    randomizer said:
    Dominance makes an OS vulnerable to attack, but it doesn't contribute to vulnerabilities in the design. That's just a development fault which needs to be corrected.
    All software has vulnerabilities. While some argue that the Unix platform is inherently more secure, Windows' dominance makes it much more apt to be carefully dissected for vulnerabilities. It is widely known that m$ has the best security policies period.
  • theuerkorn
    ...64-bit OS to experience non-responsive systems, restarts and unauthorized code execution...
    Of those, the non-responsive system has been bugging me for a while. Really thought it was due to the ATI driver, but it appears that it's with MS. Especially since the new architecture is said to prevent exactly that. Hmph.