Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Bug Graphics Security Windows Technology

Microsoft Warns of Windows 7 Graphics Flaw 262

Posted by CmdrTaco
from the leaky-pipes-make-for-wet-basements dept.
Barence writes "A flaw with the graphics driver in Windows 7 could compromise the stability and security of PCs, Microsoft has warned. The vulnerability lies in the Windows Canonical Display Driver (cdd.dll) for the 64-bit versions of Windows 7 and Windows Server 2008 R2. Microsoft claims that the flaw could lead to machines rebooting or even allow a hacker to remotely execute code, although it claims either eventuality is improbable. Concerned users are being advised to disable Windows Aero until Microsoft can issue a fix."
This discussion has been archived. No new comments can be posted.

Microsoft Warns of Windows 7 Graphics Flaw

Comments Filter:
  • Oh, sure, fine... (Score:4, Interesting)

    by MediaCastleX (1799990) on Wednesday May 19, 2010 @08:47AM (#32264312) Journal
    ...This is why I wait to get my tech. I might be on the waning edge of things, but at least I get them when they work.
  • by Anonymous Coward on Wednesday May 19, 2010 @09:49AM (#32265156)

    I does, even d3d.

  • WinServer? (Score:4, Interesting)

    by Toreo asesino (951231) on Wednesday May 19, 2010 @10:13AM (#32265460) Journal

    Areo isn't even installed by default with Windows Server 2008 - you have to install it, reboot, and then enable it. That's hardly any attack vector at all IMO.

  • by kimvette (919543) on Wednesday May 19, 2010 @11:17AM (#32266334) Homepage Journal

    Administering IIS has been a pain in the ass since day 1. Unlike NCSA, Netscape, and Apache servers, you had to point-and-click through a zillion tabs and dialog boxes in IIS to configure and tune the server - or for more advanced tuning, do something even worse: hark back to the day of C= BASIC 2.0 and do the equivalen of PEEK and POKE to the IIS Metabase. Microsoft has FINALLY seen the light and now offers the ability to edit configuration files. This makes things MUCH easier since you can see right in front of you which features are enabled or disabled, tweak things like buffers, and so forth, and don't have to click through eleventyteen places to find the bottleneck or what is breaking your server.

    For a long time Apache has been kicking Microsoft's butt on the server side, and believe it or not, a large part of it is not just Apache's lesser system requirements, but the ability to easily administer it. If you're a serious sysadmin you'll appreciate the command line and the ease of administration it brings. Sure, you have to learn a little more, and put more up-front effort into the job, but once you have acquired the skills you will find you are repeating tasks only once or twice and then spend some time writing scripts to handle it automatically.

    Aside from activation (I've spent thousands on Windows, Exchange, SQL Server, etc.) this is one of the big reasons we dumped Windows in favor of Linux. The only Windows server we have left is an MSDN installation, for testing, not production. All the other servers run Linux, and I have a ton of stuff automated.

    Windows is really getting there - it really is. It just needs a really good CLI. Powershell is a good step, but I prefer bash. (Cygwin or AndLinux or SFU) + powershell are two ways you can get close to the flexibility of Unix administration, but even that doesn't get you 100% there.

    Don't fear the CLI. Even Microsoft has seen the light and is well on its way to reinventing Unix, poorly (remember, "those who do not understand unix are condemned to reinvent it, poorly").

  • Re:stdlib is alive (Score:1, Interesting)

    by Anonymous Coward on Wednesday May 19, 2010 @05:43PM (#32271184)

    Actually, strcpy (and a bunch of other similarly unsafe stuff) is explicitly banned from all Microsoft source code - you won't pass a code review if you use them, and there are automated code scanners to catch anything that might slip past accidentally.

    See this [microsoft.com] for more details (and keep in mind that the list there is outdated, as it is constantly extended).

"Text processing has made it possible to right-justify any idea, even one which cannot be justified on any other grounds." -- J. Finnegan, USC.

Working...