Microsoft warns for security flaw in Windows Graphics Rendering Engine

Posted on Wednesday, January 05 2011 @ 16:47 CET by Thomas De Maesschalck
Microsoft warns a security vulnerability in the Windows Graphics Rendering Engine could be abused to execute malicious code. Windows 7 and Windows Server 2008 R2 are not affected by the bug.
The company said that it's not aware of attacks leveraging this vulnerability. Affected systems include Vista, Server 2003, and Windows XP, but not Windows 7 or Windows Server 2008 R2.

SANS Internet Storm center handler and security researcher Johannes Ullrich observes that the vulnerability could be exploited through malicious thumbnail images attached to Office documents and sent via e-mail or over a network. He says there's no patch available but there are steps that can be taken to mitigate the risk by preventing the rendering of thumbnail images.
Source: InformationWeek


About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.



Loading Comments