Windows 7 64-bit vulnerable to attack

Microsoft has warned that the 64-bit version of Windows 7 is vulnerable to remote code execution.

The company said it is investigating a new public report of a vulnerability in the Canonical Display Driver (cdd.dll).

Although it is possible that the vulnerability could allow code execution, successful code execution is unlikely due to memory randomisation, the software giant insisted.

In most scenarios, it is much more likely that an attacker who successfully exploited this vulnerability could cause the affected system to stop responding and automatically restart.

Microsoft said it is not aware of any attempts to exploit the vulnerability thus far, but said it will take "appropriate action" which may include providing a security update through its monthly release process or providing an out-of-cycle security update.

The flaw lies in the Canonical Display Driver, which blends the Windows graphics device interface and DirectX drawing.

The vulnerability affects Windows 7 x64, Windows Server 2008 R2 x64, and Windows Server 2008 R2 for Itanium systems, but only if they have the Aero theme installed.

Aero is not switched on by default in Windows Server 2008 R2, nor does 2008 R2 include Aero-capable graphics drivers by default.

A workaround is to disable Windows Aero, which blocks the path by which cdd.dll can be exploited.