On May 18, Microsoft issued a security advisory on a vulnerability identified in the Canonical display driver dll (cdd.dll) that is used to blend Window GDI and DirectX Drawing. If exploited, the vulnerability would cause the system to stop responding and restart.
The vulnerability is believed to be difficult to exploit due to the randomization in memory and also address space layout randomization. The vulnerability can only be exploited on Win7 x64. The vulnerable systems will also have to have Direct X 10, 10.1 or 11 running and the Aero interface enabled.
- To prevent exploitation, disable the Aero interface.
While Windows server 2008 R2 x64 and Server 2008 R2 for Itanium systems
use the same CDD.dll, the Aero interface is not enabled on those