Article

Microsoft issues advisory on new Windows Graphics Rendering zero-day

SearchSecurity.com Staff

Microsoft has issued a security advisory warning of a publicly disclosed vulnerability in its Windows Graphics Rendering Engine, which could be used in drive-by attacks.

The flaw affects users of Windows XP, Windows

    Requires Free Membership to View

Server 2003 and 2008 and Windows Vista.

Microsoft said it has not detected any attempts by attackers to target the vulnerability. The flaw could be exploited in drive-by attacks or by tricking a user to open a malicious Word or PowerPoint file, Microsoft said. If the remote code execution vulnerability is successfully exploited, an attacker could gain complete control of a victim's computer, install additional malware and steal data, Microsoft said.

The flaw is in the way Windows accesses an object to run an application. A malicious thumbnail image can cause the Graphics Rendering Engine to fail.

Microsoft engineers are working on a patch to address this vulnerability. The software giant said the vulnerability "does not meet the criteria for an out-of-band release." The flaw does not affect Windows 7 or Windows Server 2008 R2.

As a workaround, Microsoft said affected users can modify the access control list to restrict the Windows Picture and Fax Viewer from displaying files. As a result, the workaround will fail to display any media files it typically handles.

The vulnerability was first highlighted in a presentation by security researchers Moti Joseph and Xu Hao at the Power of Community security conference in Korea. The maintainers of the Metasploit Framework created a module for the zero-day flaw Tuesday.

Last month, Microsoft repaired seven vulnerabilities in Microsoft Office, including a flaw affecting Microsoft Office Graphics Filters that could be exploited by tricking a user to open a malicious image file. The flaws only affected users of Microsoft Works, Microsoft Office Converter Pack, Microsoft Office XP and Microsoft Office 2003.

~Robert Westervelt


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: