Symantec warns of attempts to target Windows hole

Security firm says it has seen attempts to exploit vulnerability in Windows that was patched last week and expects other attempts to be successful.

Symantec is warning Windows users to install a critical patch or risk losing control of their computers.

The firm has seen attempts to exploit a GDI (graphics device interface) vulnerability in Windows that Microsoft patched last week , says Alfred Huger, vice president of development for Symantec Security Response.

"It's our belief that the vulnerability is being successfully targeted," he said on Wednesday. "We're seeing continued exploitation of it" in the wild.

As a result of the activity, Symantec raised the threat level for the vulnerability from level 1, the lowest, to level 2, a medium-level threat. The highest is level 4.

In the attempted exploits, a malicious image hosted by at least three different Web sites targets the GDI stack overflow vulnerability, according to Symantec.

About the author

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor.


Join the discussion

Conversation powered by Livefyre

Show Comments Hide Comments
Latest Galleries from CNET
Tech industry's high-flying 2014
Uber's tumultuous ups and downs in 2014 (pictures)
The best and worst quotes of 2014 (pictures)
A roomy range from LG (pictures)
This plain GE range has all of the essentials (pictures)
Sony's 'Interview' heard 'round the world (pictures)