Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Windows 7 hit by Display Driver Security hole. Affects Aero.

May 19, 2010 5:26AM PDT
A serious security vulnerability in Microsoft's newest operating system could expose users to code execution and denial-of-service attacks, the company warned in an advisory issued late Tuesday.

The vulnerability, which only affects Windows 7 and Windows Server 2008 R2, was publicly discussed ahead of Microsoft's advisory but the company said there are are no reports of attacks attempting to exploit the flaw
.

"The flaw was found in the Canonical Display Driver (cdd.dll), which is used by desktop composition to blend the Windows Graphics Device Interface (GDI) and DirectX drawing".

There are more details in the link above, and also in this MSRC blog.

Once investigations are complete, Microsoft has promised a patch, (if required), but "In the meantime, affected Windows 7 or Windows 2008 R2 users should consider disabling the Windows Aero Theme to prevent the issue from being exploited".

How to disable Aero in Windows 7.

Thanks to Carol~ from CNET's Spyware, viruses and security forum for passing this information on to me.

Mark

Discussion is locked

- Collapse -
To geenadavis. Post deleted.
May 26, 2010 8:14PM PDT

I deleted your post.

Sorry, no advertising in these forums.

Mark

- Collapse -
(NT) NT Has MS done anything about this? 2 months now
Jul 19, 2010 1:45AM PDT
- Collapse -
Finally
Jul 19, 2010 4:46AM PDT

MS released a fix for this last week on the 13th I believe.

- Collapse -
windows 7
Jul 19, 2010 12:08PM PDT

I love windows 7 ,it's so great/