Microsoft Warns of Win 7 Graphics Security Hole
Turn off Aero for safety.
A new Windows 7 graphics flaw has been disclosed that could leave users of the 64-bit OS facing non-responsive systems, restarts and unauthorized code execution.
Microsoft detailed in Security Advisory 2028859 that the vulnerability lies in the Canonical Display Driver (cdd.dll), which desktop composition uses to blend Windows Graphics Device Interface (GDI) and DirectX drawing. It affects Windows 7 x64, Windows Server 2008 R2 x64, and Windows Server 2008 R2 for Itanium systems.
Microsoft says this is not a major concern because code execution would be "very difficult due to memory randomization both in kernel memory and via Address Space Layout Randomization (ASLR)." Still, those who are worried about security can simply disable Aero visual effects to keep this security flaw at bay until Microsoft issues a fix.

That's right! Write thousands of lines of new code without encountering any bugs or errors! I'm not a programmer and I know everything! -_-
All software has vulnerabilities. While some argue that the Unix platform is inherently more secure, Windows' dominance makes it much more apt to be carefully dissected for vulnerabilities. It is widely known that m$ has the best security policies, period.
I don't think we'll ever get to perfectly secure coding, so bugs/security holes will continue to exist.
Dominance makes an OS vulnerable to attack, but it doesn't contribute to vulnerabilities in the design. That's just a development fault which needs to be corrected.
What I know is that at random hours, the system becomes unstable, Flash videos work very slowly, Firefox does not render the menus in time (takes about 1 minute to render a menu)... I was starting to think something was wrong... maybe it's this.
Anyway, I just turned off Aero for now.
This goes to show that the 64-bit versions of Windows are not more secure than the 32-bit ones by default. Every version has its own strengths and weaknesses.
Of those, the non-responsive system has been bugging me for a while. Really thought it was due to the ATI driver, but it appears that it's with MS. Especially since the new architecture is said to prevent exactly that. Hmph.
Linux, Unix, and OS X aren't foolproof. In fact, it could be argued that they are much less secure than Win7 (if you know what you're doing). Design isn't necessarily an issue when you have more attackers than you have employees. The fact that this issue WILL be fixed soon just shows their level of commitment.
Besides, no amount of programming can stop an individual from giving out their passwords to whatever "official" e-mail that asks. Human error is the largest security hole, and that will NEVER be patched.
Wasn't there a similar case that happened with Windows XP and .jpg...
They just never learn:
Fix a security hole with one OS but not in the new one.
Stop spending money on advertisement and put some in developing better software Ms retarded..
Aero and a jpeg load exploit are 2 very different things.
So far I have not had any such crashes. If it starts getting to be an issue for many users I may disable Aero. But other than that, it's hard to go back to a non-v-sync/hardware-accelerated desktop.
I couldn't live without Aero anymore. I've grown so used to it that disabling it makes me feel like I'm back on Windows antique. Even on my 2008 R2 system I installed the 'desktop experience' feature so it didn't feel like an old system. And I barely even need to use it, as it only runs homepage and gateway services.
I agree partially, Windows is the big target because of its dominance, but it's also a big target when it advertises unfixed security holes in their OS.
The first step to fixing a problem is acknowledging the problem, but you'd think that you'd be a little more subtle about it rather than make it public news. I could guarantee that Apple would die if their security issues were published like this.
As aggravating as it is sometimes to encounter a bug, it's nice to know that MS is still LOOKING for bugs and giving us updates instead of ignoring them or not telling us at all.
Should I disable Compiz on my Ubuntu box to make you all feel better?
Not a chance!