[IT World Compilation] On Tuesday, Microsoft warned that there is currently a vulnerability in 64-bit Windows 7, 64-bit Windows Server 2008 R2 and Windows Server 2008 R2 for Itanium that may lead to malware attacks.
Microsoft said the problem lies in the display driver of Windows Canonical. A vulnerability in a file called cdd.dll may be the main reason. Cdd.dll is a file used by the desktop architecture to mix Windows graphical user interface (GUI) and DirectX drawing. The vulnerability stems from a typical driver failure that occurs during the execution of Windows Graphics Device Interface (GDI) and DirectX, a program that simulates the interaction of early Windows graphics engines.
Once the vulnerability is breached, it can cause the machine to be broken and restarted, and may also lead to the installation of malware. However, it is not easy to install the software. The attacker needs to bypass several security protections for RAM to do so.
In addition, this vulnerability only affects Windows systems that use the Aero effect theme, so 64-bit Windows 7 that does not use the Aero theme will not be affected by this vulnerability. As for Windows Server 2008 R2, Aero is turned off by default.
Microsoft said it is currently developing security patches for Windows to address this issue. At the same time, in order to avoid being affected by potential attacks, it is recommended that users temporarily disable the Windows Aero function. When Aero is turned off, the path to attack using the vulnerability in cdd.dll is cut off.