We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Attacks begin against 'critical' Windows bugs

Only Windows XP SP3 will be safe from graphics hack

Hackers are working around the clock to exploit a critical Windows vulnerability that was patched on Tuesday, security researchers warn - and the only version of Windows not at risk is the unfinished Windows XP SP3.

Fortunately, these initial sorties have been unsuccessful, Symantec said in a brief warning to customers of its DeepSight threat service. "The DeepSight honeynet has observed in-the-wild exploit attempts targeting a graphics device interface [GDI] vulnerability patched by Microsoft on April 8, 2008," said Symantec in its alert.

On Tuesday, Microsoft patched two bugs, both named as 'critical', in the Windows GDI, one of the core components of the operating system. According to Microsoft, every current version of Windows, including the very newest, Vista Service Pack 1 (SP1) and Server 2008, is open to attack.

The vulnerabilities can be triggered by malformed WMF (Windows Metafile) or EMF (Enhanced Metafile) image files, Microsoft noted in its accompanying advisory.

On Tuesday analysts named the GDI bugs as the most dangerous of the 10 disclosed and patched by Microsoft that day. They noted similarities between the two new vulnerabilities and others revealed in late 2005, which were extensively exploited by attackers for months afterward.

Amol Sarwate, manager of Qualys's vulnerability research lab, said at the time that he expected attackers to quickly begin leveraging the bug. "Users who simply view an image online or in email could be compromised," he said.

Yesterday, Symantec said it had spotted three different websites hosting malicious WMF/EMF image files that were targeting one of the two GDI bugs. However, those images weren't able to exploit the flaw. "Analysis of the images has shown that although [they] appear to be malicious, they do not contain enough data in the associated image property to sufficiently trigger the vulnerability," read Symantec's warning. "We are still investigating the issue as to why this may be the case."


IDG UK Sites

Best Christmas 2014 UK tech deals, Boxing Day 2014 UK tech deals & January sales 2015 UK tech...

IDG UK Sites

Apple's 2014 highlights: the most significant Apple news of 2014

IDG UK Sites

2015 creative trends: 20 leading designers & artists reveal the biggest influences & changes coming)......

IDG UK Sites

Ultimate iOS 8 Tips: 35 awesome and advanced tips for using iOS 8 on iPhone and iPad