Microsoft issued a Security Advisory on Tuesday detailing a new unpatched Windows flaw.
The vulnerability is a publicly disclosed flaw affecting the Windows Graphics Rendering Engine on Windows Vista, Windows Server 2003 and Windows XP. It is triggered when the Windows Graphics Rendering Engine improperly parses a specially crafted thumbnail image, resulting in a stack overflow. An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the logged-on user. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Microsoft details a potential attack scenario in the Security Advisory:
“In a network attack scenario, an attacker could place a specially crafted thumbnail image or a file containing a specially crafted thumbnail image on a network share, such as in a UNC or WebDAV location, and then convince the user to browse to the location in Windows Explorer. When the user navigates to the share, the affected control path is triggered via the Graphics Rendering Engine. The specially crafted thumbnail image could then exploit the vulnerability and execute code in the security context of the logged-on user. An attacker would have no way to force users to visit a network share, UNC, or WebDAV location. Instead, an attacker would have to convince them to visit the share, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes them to the network share, UNC, or WebDAV location.”
Windows 7 appears to be safe, according to the software giant. Both Windows 7 32-bit and 64-bit are unaffected. Security firm Secunia currently rates the vulnerability as “extremely critical”. Microsoft says it’s not aware of attacks that use the reported vulnerability at this time. The software maker says it’s “working to develop a security update to address this vulnerability.”