Windows 7 not affected by latest Windows Security Flaw

Microsoft on Tuesday, issued a Security Advisory describing a new unpatched Windows vulnerability.

The vulnerability is caused when the Windows Graphics Rendering Engine improperly parses a specially crafted thumbnail image, resulting in a stack overflow.

An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the logged-on user. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

The vulnerability is a publicly disclosed flaw affecting the Windows Graphics Rendering Engine on Vista, Server 2003 and Windows XP.

Microsoft says both Windows 7 32-bit and 64-bit as well as Server 2008 R2 are unaffected.

Secunia a security firm currently rates the vulnerability as “extremely critical”. Microsoft says it’s not aware of attacks that use the report vulnerability at this time.

According to a Microsoft blog post;

Meanwhile, we are working to develop a security update to address this vulnerability. The circumstances around the issue do not currently meet the criteria for an out-of-band release; however, we are monitoring the threat landscape very closely and if the situation changes, we will post updates here on the MSRC blog.

Details about the flaw can be found here.

Advertisements

One response to this post.

  1. […] solution for Microsoft Windows Graphics Rendering Engine vulnerability now Available! In an earlier blog post, two days ago, Microsoft released Security Advisory 2490606 to address a publicly disclosed […]

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: