Mar

31

Microsoft patches first critical bug in Windows 7 beta

Filed Under Virus | 

Microsoft Corp. patched the first critical vulnerability in Windows 7 yesterday as it rolled out an update that fixes three flaws in the new operating system’s kernel.

The MS09-006 update, which researchers tagged as the most serious of the three issued Tuesday and the one to patch first, includes a critical bug in the kernel’s processing of input delivered by the graphical device interface (GDI), the core graphics rendering component of Windows.

According to Microsoft, the public beta of Windows 7, as well as previews of other editions of the OS, contain the three flaws fixed by MS09-006. "These vulnerabilities were reported after the release of Windows Server 2008 Service Pack 2 Beta, Windows Vista Service Pack 2 Beta, and Windows 7 Beta," Microsoft said in the accompanying bulletin. "Customers running these platforms are encouraged to download and apply the update to their systems."

All supported versions of Windows, ranging from Windows 2000 and XP to Vista and Server 2008, require patching. "It’s in all versions of Windows; it’s deep in the kernel and in GDI," Wolfgang Kandek, chief technology officer at security company Qualys Inc., said in an interview yesterday.

Attackers could use malformed WMF (Windows Metafile) or EMF (Enhanced Metafile) images to exploit the bug in Windows 7, just as they could in other editions. Microsoft said the malicious images could be fed to users via e-mail, placed on Web sites or added to other documents. Simply viewing the images would trigger the vulnerability.

Computerworld has confirmed that machines running the public preview of Windows 7, which Microsoft offered for a month, from Jan. 10 to Feb. 12, are offered the MS09-006 security update.

http://www.computerworld.com/action/…ce=rss_topic17

Related Posts:

written by lina \\ tags: , , , , , , , , , , , , , , , , ,

Comments

Leave a Reply

You must be logged in to post a comment.