Weaknesses in Microsoft Windows Upset Users
Vulnerabilities found in Microsoft Windows Graphics Rendering Engine (GRE) that allow potential hackers to “run arbitrary code in the security context of the logged-on user” have alarmed users of the software.
According to San Diego-based software security specialist Websense, a folder that contains a “specially-crafted” Microsoft Office document or even an attachment that goes with a Word or Powerpoint email could damage the GRE once opened using Microsoft Windows Explorer. Usually, Websense added, the link on a compromised website redirects to a malicious document found in an online folder WebDAV. Once a hacker successfully exploits these Microsoft Windows vulnerabilities, an arbitrary code can be easily run in the security context of the logged-on user.
Microsoft released a list of the affected software in its advisory, which includes Windows XP Service Pack 3, Windows Server 2003 Service Pack 2, Windows Vista, Windows Server 2008 for 32-bit and x64-based Systems, and Windows Server 2008 for Itanium-based Systems. But Windows 7, Windows Server 2008 R2 for x64-based Systems, and Windows Server 2008 R2 for Itanium-based Systems are still safe, Microsoft added.
These vulnerabilities in Microsoft Windows could allow a hacker to create new accounts in the user’s computer with full rights, remotely install malware programs, and change or delete data by just getting a user to click on an image in a browser or document, Microsoft said. Websense said that the trouble lies in the CreateSizedDIBSECTION() function in which the “unhandled parameter of the thumbnail” causes the Microsoft Windows GRE to crash.
However, users that configured their accounts “to have fewer user rights on the system could be less impacted than users who operate with administrative user rights,” the software giant added.
Microsoft is already working with its partners at Microsoft Active Protections Program to broaden protection for the users.
“We are not aware of attacks that try to use the reported vulnerability or of customer impact at this time…Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs,” Microsoft said in its advisory.
The vulnerabilities in Microsoft Windows have been discovered by two security researchers who revealed their study in a conference in Korea late in 2010.