Microsoft issues warning over serious Windows bug

Microsoft has issued a security advisory detailing a new code execution bug in some of its Windows operating system iterations.

The publicly disclosed vulnerability resides in the Windows Graphics Rendering Engine and could be exploited by cybercriminals to run arbitrary code on a victim's PC. The code would run in the security context of the logged-in user, so the impact would be smaller under a limited account than under one with full administrative rights.



The flaw does not affect Microsoft's latest major operating systems, Windows 7 or Windows Server 2008 R2, but does affect the following installations:

  • Windows XP Service Pack 3
  • Windows XP Professional x64 Edition Service Pack 2
  • Windows Server 2003 Service Pack 2
  • Windows Server 2003 x64 Edition Service Pack 2
  • Windows Server 2003 with SP2 for Itanium-based Systems
  • Windows Vista Service Pack 1 and Windows Vista Service Pack 2
  • Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2
  • Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2**
  • Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2**
  • Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
**Server Core installation not affected

Microsoft is working with its partners through the Microsoft Active Protections Program (MAPP) to keep an eye on the threat. MAPP's 70 partners include providers of anti-virus and anti-malware products that provide protection for an estimated one billion customers worldwide. So far, Microsoft is not aware of any attacks that try to use the reported vulnerability, but it is monitoring for them and will take action against any malicious sites that attempt to exploit it.

In order to target the vulnerability, the victim has to be convinced to visit a specially crafted Web page, or to open an attachment in an e-mail containing a crafted Office document or something similar. Microsoft is currently working on a security update to address the issue in the affected software.

The advisory details a workaround that can be used in the meantime by any concerned users. It involves modifying the Access Control List on shimgvw.dll to be more restrictive, which can cause media files displayed by the Graphics Rendering Engine to display incorrectly. Information on how to perform the workaround (and reverse it later) can be found on the Microsoft Security Advisory (2490606) page.
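The following PowerShell sketch is an added example, not code from the article or from Microsoft's advisory: it audits, applies and reverts one form of a more restrictive ACL on shimgvw.dll. It assumes the DLL sits in %WINDIR%\System32, that the restriction is a deny entry for Everyone, that takeown.exe and icacls.exe are present (Vista and Server 2008), and it uses a hypothetical backup file name; the advisory remains the reference for the exact steps on each platform.

```powershell
# Added example, not from the advisory. Run from an elevated prompt.
# Assumptions: shimgvw.dll is in %WINDIR%\System32; the restriction is a
# Deny/FullControl entry for Everyone (SID S-1-1-0); takeown.exe and
# icacls.exe exist (Vista / Server 2008; XP and Server 2003 ship cacls.exe).
$Dll    = Join-Path $env:WINDIR 'System32\shimgvw.dll'
$Backup = Join-Path $env:TEMP 'shimgvw_acl.txt'   # hypothetical backup file

function Test-ShimgvwRestricted {
    # True when Everyone carries a Deny ACE covering FullControl on the DLL.
    $sidType = [System.Security.Principal.SecurityIdentifier]
    $full    = [int][System.Security.AccessControl.FileSystemRights]::FullControl
    $rules   = (Get-Acl -Path $Dll).GetAccessRules($true, $true, $sidType)
    foreach ($rule in $rules) {
        if ($rule.IdentityReference.Value -eq 'S-1-1-0' -and
            $rule.AccessControlType -eq 'Deny' -and
            ([int]$rule.FileSystemRights -band $full) -eq $full) {
            return $true
        }
    }
    return $false
}

function Enable-ShimgvwWorkaround {
    # Save the current ACL first so the change can be reversed later.
    & takeown.exe /f $Dll | Out-Null
    if ($LASTEXITCODE -ne 0) { throw 'takeown failed; is the prompt elevated?' }
    & icacls.exe $Dll /save $Backup | Out-Null
    if ($LASTEXITCODE -ne 0) { throw 'could not save the original ACL' }
    & icacls.exe $Dll /deny '*S-1-1-0:(F)' | Out-Null
    if ($LASTEXITCODE -ne 0) { throw 'could not add the deny entry' }
    return (Test-ShimgvwRestricted)
}

function Disable-ShimgvwWorkaround {
    # icacls /restore takes the parent directory plus the saved ACL file.
    if (-not (Test-Path $Backup)) { throw "no saved ACL at $Backup" }
    & icacls.exe (Split-Path $Dll) /restore $Backup | Out-Null
    if ($LASTEXITCODE -ne 0) { throw 'ACL restore failed' }
    return (-not (Test-ShimgvwRestricted))
}

# Audit only: report the current state without changing anything.
"shimgvw.dll restricted: $(Test-ShimgvwRestricted)"
```

Running the audit function across a fleet before and after the eventual security update shows which machines still carry the deny entry and need the revert step.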

Written by: James Delahunty @ 5 Jan 2011 8:46
  • 8 comments
  • JGJD2001

    yeah let us know what the bug is and then wait forever to get it fixed !! jeez

    Who Dare Wins

    5.1.2011 08:55 #1

  • RottieGrl

    let's not forget to also tell the hackers about it...sheesh

    "Everybody Lies!"

    5.1.2011 09:24 #2

  • Dela

    Originally posted by RottieGrl: let's not forget to also tell the hackers about it...sheesh

    Microsoft is confirming public reports of the vulnerability, in other words details have already been disclosed. Issuing advisories in these cases is standard procedure to alert system administrators/end users to the threat. The advisory linked also doesn't even start to explain the vulnerability in detail.

    5.1.2011 09:50 #3

  • i1der

    could this possibly be a way of pushing people to upgrade their OS. even though i highly recommend the Win7...


    5.1.2011 15:54 #4

  • Zoo_Look

    Quote: In order to target the vulnerability, the victim has to be convinced to visit a specially crafted Web page, or to open an attachment in an e-mail containing a crafted Office document or something similar.

    I was almost interested till I read this!

    7.1.2011 08:27 #5

  • ChappyTTV

    Originally posted by Dela:
      Originally posted by RottieGrl: let's not forget to also tell the hackers about it...sheesh
      Microsoft is confirming public reports of the vulnerability, in other words details have already been disclosed. Issuing advisories in these cases is standard procedure to alert system administrators/end users to the threat. The advisory linked also doesn't even start to explain the vulnerability in detail.

    Well done Dela, another person who relies on Fact and not some misplaced, misguided emotional response.
    ;)

    8.1.2011 19:29 #6

  • Zoo_Look

    Originally posted by ChappyTTV:
      Originally posted by Dela:
        Originally posted by RottieGrl: let's not forget to also tell the hackers about it...sheesh
        Microsoft is confirming public reports of the vulnerability, in other words details have already been disclosed. Issuing advisories in these cases is standard procedure to alert system administrators/end users to the threat. The advisory linked also doesn't even start to explain the vulnerability in detail.
      Well done Dela, another person who relies on Fact and not some misplaced, misguided emotional response.
      ;)

    More to the point, anyone opening ANY e-mail attachment from some unknown person/organisation, should really be discouraged from using the internet as a security procedure. Maybe under threat of this, they might start to give a **** what they expose themselves to instead of having to get their asses wiped for them.

    8.1.2011 19:35 #7

  • ChappyTTV

    Originally posted by Zoo_Look:
      Originally posted by ChappyTTV:
        Originally posted by Dela:
          Originally posted by RottieGrl: let's not forget to also tell the hackers about it...sheesh
          Microsoft is confirming public reports of the vulnerability, in other words details have already been disclosed. Issuing advisories in these cases is standard procedure to alert system administrators/end users to the threat. The advisory linked also doesn't even start to explain the vulnerability in detail.
        Well done Dela, another person who relies on Fact and not some misplaced, misguided emotional response.
        ;)
      More to the point, anyone opening ANY e-mail attachment from some unknown person/organisation, should really be discouraged from using the internet as a security procedure. Maybe under threat of this, they might start to give a **** what they expose themselves to instead of having to get their asses wiped for them.

    Pretty much eh...there is no defence for stupid.

    8.1.2011 20:30 #8
