Another year, another vulnerability in Windows. Yesterday Microsoft confirmed it was investigating a ‘recently discovered’ vulnerability. Exploit code for it is reportedly already available.
According to the Security Advisory, the vulnerability involves the Windows Graphics Rendering Engine. Affected Windows versions are various flavors of XP, Vista, Server 2003 and Server 2008. Windows 7 is not affected.
Exploiting the vulnerability requires a specially-crafted thumbnail image (say, of a folder or program). Successful exploitation can lead to the attacker pretty much taking control of the affected computer.
One note: whether the booby-trapped thumbnail is on a site or sent in an e-mail, the user still has to actively visit the site or click a link in the e-mail (or open an attachment) to be affected, so standard precautions about safe surfing and computer usage still apply.
For users on affected versions, the Advisory has a workaround that will at least “help block known attack vectors” until a patch is released. Or, since the new year is a time for fresh starts, this might be a good time to consider upgrading to Windows 7.
No out-of-band update release seems to be forthcoming, so the soonest a patch might be available is January 11. Stay tuned.
On 05/01/11 At 01:34 AM
Full story: F-Secure Antivirus Research Weblog
Posted on 05 January 2011. Tags: 2011, First, Vulnerability, Windows