A remote attacker may exploit this by sending a specially crafted image file as an email attachment, or by hosting it on a web server as part of a website and luring users to open it. Once opened and parsed by the Windows kernel, the file may cause a parsing error in the Canonical Display Driver (cdd.dll) and execute arbitrary code on the user's system.
This is a "zero-day vulnerability"; no patch is available from MS.
The only safeguards suggested by MS are:
- Disable Windows Aero (not in use generally).
- Do not open image files received from untrusted sources, received unexpectedly from trusted sources, or received through instant messaging.
- Do not follow untrusted links and URLs received by any means.
To read more, follow:
http://www.microsoft.com/technet/security/advisory/2028859.mspx
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3678
http://pcandmactech.blogspot.com/2009/12/irfanview-and-bsod.html
http://en.irfanview-forum.de/vb/showthread.php?5647-V4-25-bluescreen-with-Windows-7-cdd-dll-win32k-sys
http://tools.cisco.com/security/center/viewAlert.x?alertId=20527
http://securitytracker.com/alerts/2010/May/1023991.html
h@v3 @ $@f3 br0w$!n9 . . .
nj0y !!!