Microsoft has warned of a vulnerability in Windows that could allow an attacker to take control of a fully patched system. This affects Windows XP, Server 2003, Vista and Server 2008. According to the company, the problem does not occur under Windows 7 and Server 2008 R2.

According to a security report puts the error in the Windows Graphics Rendering Engine that allows to inject and execute malicious code with the privileges of a logged in user. The vulnerability can be, for example by e-mail exploit to a Word or PowerPoint file is attached that includes a thumbnail image manipulated. However, an attacker must entice victims into opening the attached file.

In the advisory, Microsoft describes a way to protect against the effects of an attack. It must be accessed on the file “shimgvw.dll” be restricted. This has, however, according to media files that are processed by the graphics rendering engine, can not be displayed.

“In the meantime we are working on a security update that fixes the vulnerability,” Microsoft spokeswoman Angela Gunn writes in the Security Response Center blog. Previously had no exploit for the vulnerability in circulation and they currently did not meet the criteria for an unscheduled update. The next scheduled patch day is the company for 11 Planned in January.

Microsoft has warned of a vulnerability in Windows that could allow an attacker to take control of a fully patched system. This affects Windows XP, Server 2003, Vista and Server 2008. According to the company, the problem does not occur under Windows 7 and Server 2008 R2. According to a security report puts the error [...]

Microsoft has warned of a vulnerability in Windows that could allow an attacker to take control of a fully patched system. This affects Windows XP, Server 2003, Vista and Server 2008. According to the company, the problem does not occur under Windows 7 and Server 2008 R2. According to a security report puts the error [...]

Microsoft has warned of a vulnerability in Windows that could allow an attacker to take control of a fully patched system. This affects Windows XP, Server 2003, Vista and Server 2008. According to the company, the problem does not occur under Windows 7 and Server 2008 R2. According to a security report puts the error [...]

Microsoft has warned of a vulnerability in Windows that could allow an attacker to take control of a fully patched system. This affects Windows XP, Server 2003, Vista and Server 2008. According to the company, the problem does not occur under Windows 7 and Server 2008 R2. According to a security report puts the error [...]

Microsoft has warned of a vulnerability in Windows that could allow an attacker to take control of a fully patched system. This affects Windows XP, Server 2003, Vista and Server 2008. According to the company, the problem does not occur under Windows 7 and Server 2008 R2. According to a security report puts the error [...]

Microsoft has warned of a vulnerability in Windows that could allow an attacker to take control of a fully patched system. This affects Windows XP, Server 2003, Vista and Server 2008. According to the company, the problem does not occur under Windows 7 and Server 2008 R2. According to a security report puts the error [...]

Microsoft has warned of a vulnerability in Windows that could allow an attacker to take control of a fully patched system. This affects Windows XP, Server 2003, Vista and Server 2008. According to the company, the problem does not occur under Windows 7 and Server 2008 R2. According to a security report puts the error [...]