Microsoft Warns of 'Unlikely' Windows 7 Aero Flaw

A new security flaw in Microsoft's very popular Windows 7 operating system (OS) could open users up to a remote code execution and denial-of-service attack, Microsoft said in a security advisory on Tuesday evening.

The vulnerability affects only 64-bit versions of Windows Server 2008 R2 and Windows 7. The flaw affects the Canonical Display Driver, or CDD.DLL, used in the Windows Graphics Device Interface (GDI) and DirectX drawing. The vulnerability is tied to the graphics system's desktop composition process. (Source: zdnet.com)

Microsoft: Remote Code Attack "Unlikely"

Luckily, it doesn't yet appear as though any hackers have been able to take advantage of the flaw, which could allow a mischievous individual to remotely take control of a user's entire system. It would be a tough quest to complete for a hacker, largely because of memory randomization in kernel memory and Address Space Layout Randomization (ASLR).

In addition, only users running the Windows Aero graphics theme are vulnerable, a function not used by default in Windows Server 2008 R2.

For those concerned about the flaw, Aero can be disabled in Windows 7. It's as simple as accessing Appearance and Personalization in the Control Panel, then clicking Personalization, Change the Theme and finally the "Basic" option from the High Contrast Themes menu.

Security Researchers Prove ASLR Hacks Possible

Right now, Microsoft believes that if an attack were to occur it's more likely a victim machine would simply stop responding and automatically restart. The software firm is confident that a remote code execution is, in fact, only a remote possibility.

However, it's not unheard of for people to bypass the ASLR. In fact, two researchers have been awarded $10,000 for doing just that at a recent "Pwn2Own" computer security conferences. (Source: computerworld.com)

Microsoft has rated the threat a "3", the lowest of its scores associated with the likelihood that a threat might actually become reality.