Windows Graphics Engine Contains Security Flaw

Microsoft released a security advisory today concerning Windows Vista, Windows XP and Windows Server 2003.

The flaw is associated with the Windows graphics rendering engine, which improperly parses a specially crafted image file, leading to a stack overflow, according to Microsoft's security advisory 2490606. This remote code execution exploit can be used by a hacker to gain user rights on a system. However, Microsoft's blog describing the problem states that the company isn't aware of any active exploits occurring yet.

The issue is made more acute if the user has administrative rights, which may allow the attacker to modify network settings or change and delete data.

Typically, an attack using this exploit would attempt to get Windows users to click on an e-mail attachment containing a thumbnail image or an instant messaging link. An alternative attack method might be to direct a user to a thumbnail image located on a network sharing space.

The security advisory suggests keeping software updated and using firewalls and antivirus software. It also describes a few workarounds to increase protection, prior to Microsoft's release of patch.

Microsoft isn't planning to release an out-of-band patch, according to the blog. However, it may release a fix in one of its monthly security update releases. It's not clear when that might happen. Microsoft suggests monitoring its Twitter feed or its MSRC security blog.

Meanwhile, software security firm Sophos reported today that hackers have been sending fake Windows updates through e-mail attachments, which is something that Microsoft does not do. The attachment installs a worm associated with a Windows autorun exploit.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.


  • Spaceflight Training in the Middle of a Pandemic

    Surprisingly, the worldwide COVID-19 lockdown has hardly slowed down the space training process for Brien. In fact, it has accelerated it.

  • Surface and ARM: Why Microsoft Shouldn't Follow Apple's Lead and Dump Intel

    Microsoft's current Surface flagship, the Surface Pro X, already runs on ARM. But as the ill-fated Surface RT showed, going all-in on ARM never did Microsoft many favors.

  • IT Security Isn't Supposed To Be Easy

    Joey explains why it's worth it to endure a little inconvenience for the long-term benefits of a password manager and multifactor authentication.

  • Microsoft Makes It Easier To Self-Provision PCs via Windows Autopilot When VPNs Are Used

    Microsoft announced this week that the Windows Autopilot service used with Microsoft Intune now supports enrolling devices, even in cases where virtual private networks (VPNs) might get in the way.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.