×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Microsoft Warns of Windows 7 Graphics Flaw

CmdrTaco posted more than 3 years ago | from the leaky-pipes-make-for-wet-basements dept.

Bug 262

Barence writes "A flaw with the graphics driver in Windows 7 could compromise the stability and security of PCs, Microsoft has warned. The vulnerability lies in the Windows Canonical Display Driver (cdd.dll) for the 64-bit versions of Windows 7 and Windows Server 2008 R2. Microsoft claims that the flaw could lead to machines rebooting or even allow a hacker to remotely execute code, although it claims either eventuality is improbable. Concerned users are being advised to disable Windows Aero until Microsoft can issue a fix."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

262 comments

Servers (5, Informative)

sopssa (1498795) | more than 3 years ago | (#32264222)

and Windows Server 2008 R2

This is why you don't use unnecessary things like Aero (and graphical displays) on servers. Granted Aero isn't enabled by default on Windows Server 2008, but it's still all unnecessary. Servers are meant to be configured and left running with minimal installs. You can do everything you need to from a command line, and sftp for editing those configuration files. When you have a minimalistic install there's also much less change of some random software having an exploitable bug.

GUI is still there for remote desktop and it's eas (1, Informative)

Joe The Dragon (967727) | more than 3 years ago | (#32264256)

GUI is still there for remote desktop and it's easier to configure then CMD only.

Re:GUI is still there for remote desktop and it's (2, Funny)

Anonymous Coward | more than 3 years ago | (#32264338)

easier than cmd? you must be new here.

Re:GUI is still there for remote desktop and it's (0, Flamebait)

Pojut (1027544) | more than 3 years ago | (#32264494)

easier than cmd? you must be new here.

If by "new here" you mean "under the age of 45", then yeah. I grew up around DOS, and I STILL prefer a GUI to a command line for getting stuff done.

Re:GUI is still there for remote desktop and it's (1, Insightful)

DarkKnightRadick (268025) | more than 3 years ago | (#32264632)

I didn't grow up around DOS and still prefer a command line to a GUI for getting real work done.

Re:GUI is still there for remote desktop and it's (0)

Anonymous Coward | more than 3 years ago | (#32264900)

I definitely prefer a GUI. Then I can have terminals open with all the command lines I need, but also be able to use my web browsers and graphics applications at the same time.

I use the command line for a lot of things, but I definitely wouldn't want to use a CLI-only system as my desktop.

Re:GUI is still there for remote desktop and it's (0, Flamebait)

commodore64_love (1445365) | more than 3 years ago | (#32264978)

I grew up with DOS (more specifically 1541 CASCII and AmigaCLI), but still prefer a GUI. I can backup all my documents to an external drive with a simple drag-and-drop. I can't imagine trying to do that with a CLI. Well I can, but it would take longer.

Re:GUI is still there for remote desktop and it's (4, Insightful)

psbrogna (611644) | more than 3 years ago | (#32265036)

While you might not be able to imagine it, those who do know how to perform an administrative task both from a terminal and from a GUI often find that doing it from the terminal is more efficient and more reliable.

Re:GUI is still there for remote desktop and it's (3, Insightful)

Mascot (120795) | more than 3 years ago | (#32265012)

CLI does have its uses. There are things it offers that no GUI can, and vice versa.

But claiming you need it for "real work" is like claiming you need a printing press to print a sheet of paper with "real text" on it. Both are equally ridiculous statements.

For most work environments, neither CLI nor GUI alone covers all needs. Welcome to the real world, where we use the appropriate tools for each task.

Re:GUI is still there for remote desktop and it's (2, Insightful)

Anonymous Coward | more than 3 years ago | (#32264376)

GUI is still there for remote desktop and it's easier to configure then CMD only.

That's because Microsoft has a crippled CLI, and yes, that included Powershell..

Re:GUI is still there for remote desktop and it's (0)

Anonymous Coward | more than 3 years ago | (#32264922)

Funny, because Powershell is a joy to work with, compared to Bash. .NET, object piping, consistent naming, no obscure 2-character parameters? I think I just orgasmed.

Re:GUI is still there for remote desktop and it's (1)

kestasjk (933987) | more than 3 years ago | (#32265006)

Please elaborate, I've only heard good things about Powershell (but am willing to accept that this may say more about people willing to learn Powershell than Powershell itself)

Re:GUI is still there for remote desktop and it's (0)

Anonymous Coward | more than 3 years ago | (#32265084)

A shell is only useful if it's the default action when you create a program, and a GUI is an afterthought. PowerShell is the afterthought, so even where Microsoft's tools are fully scriptable, some of your middleware isn't going to be.

Re:GUI is still there for remote desktop and it's (0)

Anonymous Coward | more than 3 years ago | (#32265294)

A shell is only useful if it's the default action when you create a program, and a GUI is an afterthought.

So that explains why many Linux applications are lacking functionality in the GUI.

Idiotic Moderators. (-1, Troll)

Petersko (564140) | more than 3 years ago | (#32265016)

"That's because Microsoft has a crippled CLI, and yes, that included Powershell."

So far +4 "insightful". How fucking retarded do you have to be to moderate a post bashing the Windows CLI as "insightful"?

Actually, I'll tell you. You have to be 16 inches of forehead retarded.

"That guy just said the sun will rise tomorrow - how insightful!"

Re:Idiotic Moderators. (0, Redundant)

Schoenlepel (1751646) | more than 3 years ago | (#32265120)

Well, your post should be modded down too.

1) Troll
2) Default judgement.

I still haven't read why the windows powershell is crap. Concensus seems to point in that direction, but could anybody who has considerable experience with windows power shell and any unix-like shell comment on this?

Re:Idiotic Moderators. (3, Informative)

brennz (715237) | more than 3 years ago | (#32265286)

Powershell is by far, one of the best Microsoft has created on the scripting side. Why? They basically took a shell and enhanced it by making it object aware, and giving it access to .net. In Microsoft lingo, cmdlets replace unix utilities.

I am not a fan of the naming conventions they use in powershell! It makes it harder to write terse scripts.

Please see

http://w3.linux-magazine.com/issue/78/Bash_vs._Vista_PowerShell.pdf [linux-magazine.com] for a comparison of powershell vs Bash.

http://blog.brandonbloom.name/2009/04/powershell-condemned-to-reinvent.html [brandonbloom.name]

Re:GUI is still there for remote desktop and it's (1)

IWannaBeAnAC (653701) | more than 3 years ago | (#32264468)

GUI is still there for remote desktop and it's easier to configure then CMD only.

But a remote desktop shouldn't require any kind of display driver on the host.

Re:GUI is still there for remote desktop and it's (1)

bhtooefr (649901) | more than 3 years ago | (#32264724)

CDD (the affected driver) is for GDI (read: pre-Vista, although quite a lot of current software still uses GDI) applications to display on a display using the Desktop Window Manager. Disable Aero, and you're using XPDM instead of DWM, and it's GDI all the way.

Although I believe the DWM disables itself for remote desktop, anyway.

Re:GUI is still there for remote desktop and it's (1, Insightful)

flyingfsck (986395) | more than 3 years ago | (#32264564)

Well, that is the point where Microsoft copied X Windows wrongly. There is no need to run the windowing GUI on the remote machine if the local machine is already running a windowing GUI.

Re:GUI is still there for remote desktop and it's (2, Insightful)

kestasjk (933987) | more than 3 years ago | (#32265048)

If there's no need to do it why is X Windows the only windowing system that does it? Why does VNC/somethingX (the new one) exist for X Windows when X servers are available on all platforms?

I don't know that you're wrong in calling Microsoft's approach wrong, or have more than an idea of why you might be wrong, but the fact that everyone else uses the "wrong" approach sets off the BS-meter.

Re:GUI is still there for remote desktop and it's (1)

JasterBobaMereel (1102861) | more than 3 years ago | (#32265284)

There was no freely availalbe Xserver/XClient for Windows until recently .....

VNC will work on any graphical system, Windows, X, And most others .... that's the point it is *not* tied to X and so can be universal

The X approach is wrong (for various reasons)
    - But X is simple enough that it's inadequacies can be worked around
Windows is wrong (for various other reasons)
  - But this is Windows so there is no way to work around it's inadequacies...

Re:GUI is still there for remote desktop and it's (4, Insightful)

natehoy (1608657) | more than 3 years ago | (#32264576)

I can see that. Perhaps you are a small business and you don't want to train your network admins on CLI tools, so they use the "easier" (read: "requires less training") GUI rather than the faster CLI. Fair enough, not everyone can afford fully-trained network engineers to manage a few small in-house servers.

But, seriously, Aero? Even the least experienced network admin doesn't need to enable Aero to administer the server. It's a waste of CPU and memory resources for something that (hopefully) you spend a few minutes a week on. If you insist on using a GUI to administer your servers, fine, but at least make it the simplest GUI you can use to get your job done.

As GP said, the simpler your interface, the less likely there is to be an exploitable security flaw in it. The more complex you make your remote access capabilities, the more likely it is that someone else can find a vector in to them.

SFTP/SSH exchanges very little data and has very few possible attack vectors. "Classic" GUI has a few more attack vectors and possible failures and exchanges a lot more data, but it adds simplicity for those not comfy with the CLI, so there's a logical trade-off there.

Aero adds a lot more traffic, a lot more complexity, a lot more potential vectors for both failure AND attack, and does not make the GUI any more functional for administrative tasks.

Now, if you're using Server 2008 on your desktop as your daily machine, and you like sexy GUI, OK, I can see Aero being enabled. But there's no reason to enable Aero on an actual server.

Re:GUI is still there for remote desktop and it's (1)

lukas84 (912874) | more than 3 years ago | (#32264796)

So you wrote a lot and it even makes sense and considers most of the cases.

But Aero is disabled by default in Server 2008/R2. So there's no harm - it's available if you need it, but it doesn't affect your security with just being there.

Re:GUI is still there for remote desktop and it's (0)

Anonymous Coward | more than 3 years ago | (#32264986)

So there's no harm - it's available if you need it, but it doesn't affect your security with just being there.

You're right, of course. However, the paranoid sysadmin (which I'd argue is the only sysadmin one should aspire to be) would want to make sure stuff not being used isn't even sitting on the server. A good lockdown checklist not only disables unneeded services and applications, but takes steps to uninstall whenever possible.

All that's needed is another exploit that allows unauthorized remote activation of Aero, or a policy oversight that permits an ignorant or malicious user to enable it. Why even allow the opportunity to have a disabled security hole laying around?

Re:GUI is still there for remote desktop and it's (3, Insightful)

lukas84 (912874) | more than 3 years ago | (#32265102)

I'm not sure if being paranoid is the right step - careful, sure, paranoid - no.

In the end, the goal of IT is to enable it's users to be more productive. Sometimes overparanoid IT guys can make life more difficult for the Users - this should be minimized.

All of the Windows Server components are always on-the-disk in Server 2008/R2. IIS on the disk, whether you use it or not. But only when enabling it you'll actually get the services you need for it.

This doesn't hurt. It doesn't compromise security.

Re:GUI is still there for remote desktop and it's (1)

FlyingBishop (1293238) | more than 3 years ago | (#32265130)

Removing it doesn't hurt. This is not an overzealous sysadmin problem, this is Microsoft sucking at modular design.

Re:GUI is still there for remote desktop and it's (0)

geekoid (135745) | more than 3 years ago | (#32264956)

Aero is a nice GUI. And in most servers, it only takes up system resource that wouldn't be used anyways.

If you are running systems so close that running Aero has an actual practical effect, then you are running underpowered servers.

IT does NOT add a 'lot more' traffic, or a 'lot more' complexity.

It add a minor bit of each.

Re:GUI is still there for remote desktop and it's (1)

FlyingBishop (1293238) | more than 3 years ago | (#32265152)

"Most servers" are increasingly virtualized. So those resources would be better used by another VM if the current isn't using them.

Re:GUI is still there for remote desktop and it's (0)

Anonymous Coward | more than 3 years ago | (#32265106)

Points on Aero being disabled on Server and Remote Desktop aside, I have one more thing to note. Saying that Aero wastes CPU and memory is being extremist. At its most busy point, rendering multiple translucent non-fullscreen windows, Aero barely tops 3% CPU on a 2GHz Athlon. At fullscreen (compositing disabled) it's 0%. And memory? It doesn't take much, and VRAM on a server machine is being put to waste, anyway.

Re:GUI is still there for remote desktop and it's (1)

clone53421 (1310749) | more than 3 years ago | (#32264856)

Does Aero even work if you remote desktop in?

My guess is it drops back down to Basic.

Re:GUI is still there for remote desktop and it's (1, Interesting)

Anonymous Coward | more than 3 years ago | (#32265156)

I does, even d3d.

Re:GUI is still there for remote desktop and it's (1)

Kielistic (1273232) | more than 3 years ago | (#32265264)

Windows Server 2008 R2 added support for Aero over RDP. It is disabled by default and is only supported when remoting in from a Windows 7 or higher machine I believe. Otherwise, yes, it drops back down to basic.

Re:GUI is still there for remote desktop and it's (1)

commodore64_love (1445365) | more than 3 years ago | (#32264914)

Bah. I always switch to the classic mode anyway. It updates the screen faster, is more responsive, and seeing as how I grew up with this (see links), I already think it's pretty enough - http://toastytech.com/guis/c64g.html [toastytech.com] http://www.guidebookgallery.org/pics/gui/desktop/full/amigaos10.png [guidebookgallery.org]

Question:

Why does this flaw affect NT 6.1 and 6.2, but not 6.0 (vista)??? And why's the driver called "Canonical"?

better yet (5, Funny)

batistuta (1794636) | more than 3 years ago | (#32264420)

This is why you don't use unnecessary things like Aero (and graphical displays) on servers.

This is why you don't use unnecessary things like Windows Server 2008 R2 on servers.

There. Fixed it for you

Re:better yet (0, Redundant)

kestasjk (933987) | more than 3 years ago | (#32265166)

Samba works with Active Directory.

Can I get +5, Funny now?

(Shit, need to rephrase this as an in soviet russia joke..)

Re:Servers (4, Insightful)

gotpaint32 (728082) | more than 3 years ago | (#32264440)

Its called Windows 2008 Server Core and Powershell. But theres a time and place for everything, try running terminal services from a box with no GUI, I'm sure your users would be very happy with just greenscreen access.

Re:Servers (0)

Anonymous Coward | more than 3 years ago | (#32264448)

Two words: Server Core.

Plenty of ways to manage it without a GUI; command prompt, scripts, Powershell, System Center.

Re:Servers (0, Troll)

geekoid (135745) | more than 3 years ago | (#32264928)

Thank you for telling people how to interact with their computer. Without you everyone would be lost.
Clearly there could never be a bug in the command window~

Re:Servers (1)

Threni (635302) | more than 3 years ago | (#32265210)

Is anyone expected to actually buy a Windows 7 phone? I just went from a Touch Diamond to a Desire (both made by HTC) and I was just laughing for the first hour or so because of how much better the Android phone is. I'm surprised Microsoft doesn't just sit down and shut up. It's exactly what you'd expect from having a variant of Windows on your phone - slow, awkward and..well, just crap. You'd occasionally get an idea of how nice it could be thanks to the hardware it was running on. Who in their right mind wants to go back to that nightmare from iPhone or Android? I guess they want to catch clueless Blackberry/Symbian users who are waiting for someone to tell them which phone to get next, but who don't have enough friends to have someone show them Apple/Android.

Canonical (-1, Redundant)

Anonymous Coward | more than 3 years ago | (#32264246)

Does this affect Ubuntu as well?!!?

Re:Canonical (-1, Troll)

jellomizer (103300) | more than 3 years ago | (#32264336)

No chances are your XWindows will lockup stopping all keyboard and mouse input and output to the computer, and any security issue from this will be blamed on those EVIL Video Card makers who will not offer their drivers as open source... So the fault is on them.

Remember if the Problem is in Linux then you blame someone else or the user for using the only but unsupported driver they can use.

If it is for Windows then it is the bumbeling Microsoft who can't make anything work.

Re:Canonical (0)

Anonymous Coward | more than 3 years ago | (#32264452)

You missed a bracket in your sig.

Re:Canonical (1)

linuxgeek64 (1246964) | more than 3 years ago | (#32264636)

No, it's a parenthesis. Parentheses != brackets.

Re:Canonical (1)

PalmKiller (174161) | more than 3 years ago | (#32264458)

And your point is?

Re:Canonical (1)

jellomizer (103300) | more than 3 years ago | (#32265206)

The point is. Linux has a lot of problems that most people excuse and overlook or blame elsewhere, vs actually trying to fix them. Windows has problems too but even for smaller problems they will get hounded for being such a horrible system. Sure lets discuss windows problems, we should demand that Microsoft keeps their product at high quality, but I am tired of this "well I use Linux so I am so much better off" nonsense. Wow they are two different systems with different code bases and they have different bugs... Duh! You like Linux and you use it and you are happy that is all well and good... However bragging that your OS doesn't suffer from That particular vulnerability is just silly and not actually useful. If this was a Ubuntu reported bug and you state that it doesn't happen in an other Linux Distribution it would be more useful as you are talking about a similar codebase and that it seems there is a unique Ubuntu problem. But comparing Windows and Linux is just a wast of time. And if you are going to pretend that Linux is a flawless OS and Superior then windows you are just fooling yourself. Linux is not Superior to windows it may be better overall but not the God OS.

Re:Canonical (1)

FeepingCreature (1132265) | more than 3 years ago | (#32264460)

Yeah, XOrg is shit. I don't think many people debate that, but it's not a reason to let Microsoft off the hook.

Re:Canonical (1)

Viol8 (599362) | more than 3 years ago | (#32264582)

XFree86 was even worse.

One day Linux will get a decent stable X server but I won't hold my breath. Thank god for alt-sysrq.

Re:Canonical (2, Informative)

DavidR1991 (1047748) | more than 3 years ago | (#32264598)

Well, yes: Because this driver is not vendor specific. It's part of the actual OS itself. When was the last time you saw, say, a huge flaw in the Linux framebuffer, or something like that?

If the vulnerability is caused by the vendor of a chip, or the shoddy documentation of s chip maker: hell yes, blame the third part. In this case... MS can only blame themselves. Their own 'canonical display driver' is shoddy, not a 3rd party chip maker.

Re:Canonical (1)

natehoy (1608657) | more than 3 years ago | (#32264618)

This vulnerability was found in Aero, not in a video driver.

Vulnerabilities have been found in X before, and fixed. This is no different.

Not sure where the anger comes from, but you might consider a nice hot cup of tea and a short break. Cheers.

No way! (5, Funny)

Lurchicus (1280666) | more than 3 years ago | (#32264306)

You'll get Areo when you pry it out of my cold dead... damn... it rebooted again!

Re:No way! (0)

Anonymous Coward | more than 3 years ago | (#32264558)

Haha, it's funny cause it's true...

Oh, sure, fine... (4, Interesting)

MediaCastleX (1799990) | more than 3 years ago | (#32264312)

...This is why I wait to get my tech. I might be on the waning edge of things, but at least I get them when they work.

Re:Oh, sure, fine... (1, Funny)

Anonymous Coward | more than 3 years ago | (#32264400)

So they've got IE 6 working now?

Worse yet, (5, Funny)

Black Parrot (19622) | more than 3 years ago | (#32264362)

it might render your porn poorly.

Re:Worse yet, (1)

drc003 (738548) | more than 3 years ago | (#32264470)

'Tis a shame that I currently hold no moderation points my fellow admirer of the pornographic arts.

Re:Worse yet, (2, Funny)

Thanshin (1188877) | more than 3 years ago | (#32264556)

my fellow admirer of the pornographic arts.

It's better to just say "man".

Otherwise we'd end up with heroes called Superfellow-admirer-of-the-pornographic-arts.

Re:Worse yet, (1)

drc003 (738548) | more than 3 years ago | (#32264596)

I just spit coffee on my keyboard. Once again it's a shame that I have used up my mod points.

I have noticed something related (4, Informative)

HopefulIntern (1759406) | more than 3 years ago | (#32264412)

When I am playing BC2 it sometimes interrupts my game to tell me I have run out of memory and Aero is turning off. I cannot imagine why, I have 1GB GPU and 6GB RAM....

It seems there are some flaws in Aero on 64 bit systems.

Re:I have noticed something related (2, Informative)

ZosX (517789) | more than 3 years ago | (#32264530)

BC2 is probably trying to cache everything into your available video ram, hence aero shutting down because it is out of ram. It does require 128megs, so perhaps BC2 is trying to utilize the whole 1 gig since its there.

Re:I have noticed something related (2, Informative)

Anonymous Coward | more than 3 years ago | (#32264648)

You are correct, lots of games will try to claim all available video ram when running in fullscreen. It's generally a good idea to turn of aero when gaming, although it's kind of a hassle. There is a method for apps to request Aero to shutdown without the need for user intervention (of all games Civ IV actually does this) but very few games seem to make use of it.

Re:I have noticed something related (2, Informative)

ZosX (517789) | more than 3 years ago | (#32264772)

You can just right click and go to the compatability tab and select disable windows themes. It will turn off aero automatically.

Re:I have noticed something related (0)

Anonymous Coward | more than 3 years ago | (#32265212)

Disabling theme support is kind of heavy-handed. Disabling composition is all that is required.

Btw, you can stop Aero manually at the cmdline by entering net stop uxsms.

Re:I have noticed something related (1)

tweak13 (1171627) | more than 3 years ago | (#32264672)

Maybe they changed this in 7 and I didn't notice, but in Vista if you are running a fullscreen 3D program aero should get disabled automatically.

Re:I have noticed something related (1)

Spad (470073) | more than 3 years ago | (#32264810)

It doesn't if you're running a multi-monitor setup.

Re:I have noticed something related (1)

HopefulIntern (1759406) | more than 3 years ago | (#32265112)

Correct. In fact, having several monitors has proven to screw around with other programs too. I loaded up SWAT4 again, to revisit a decent shooter, and it doesn't even launch until I disable the second monitor.

Re:I have noticed something related (0)

Anonymous Coward | more than 3 years ago | (#32264756)

What do you expect from a Windows application that can't even alt-tab or minimise correctly? I'm amazed it runs at all.

Re:I have noticed something related (0, Troll)

geekoid (135745) | more than 3 years ago | (#32264976)

Because it couldn't be BC2?

Seems tio me there is some flaws in your knowledge on computers.

Re:I have noticed something related (1)

HopefulIntern (1759406) | more than 3 years ago | (#32265060)

Wasn't sayin that, just saying it sounds related. It could very well be BC2 or even the nVidia driver.

I have not noticed anything... (0, Redundant)

conureman (748753) | more than 3 years ago | (#32265040)

I have not noticed anything at all since I disabled that annoying Aero immediately after install. (-2 redundant)

Re:I have noticed something related (1)

EvilIdler (21087) | more than 3 years ago | (#32265142)

I have disabled Aero (I think it's ugly) on my gaming system, and I still run into issues related to it. When starting certain games, a "helpful" bubble pops up to tell me Aero has been disabled, but its appearance causes the game to end before it even has finished loading. At least Microsoft is an equal opportunity employer, with all those mentally handicapped developers. "Look at me! I detected a USB device!"

Will a future edition of Windows have a TREAT button for the system to be rewarded whenever it does something right?

Yawn, (2, Insightful)

Massacrifice (249974) | more than 3 years ago | (#32264432)

Why do I have the feeling this is overblown? I'm running W2K8R2 x64 as a Workstation OS, it is rock stable, possibly the best OS MS ever produced. Yet I'm sure there are _plenty_ of bugs like this one. Doesn't Microsoft issue bug reports like this every month? Doesn't _any_ OS company produce bug reports like this every month? Why is this one so special? Cause, I'd like to know.

I'm not saying it's should'nt be fixed, reported, or taken care of. I'm not saying Windows is the best OS. OS X can be pwned through the WiFi drivers. I'm sure can Unbuntu can be hacked in many ways too. When OpenBSD gets cracked, then it'll be frontpage material. Until then, keep the real news rolling.

Re:Yawn, (2, Insightful)

Sycraft-fu (314770) | more than 3 years ago | (#32264926)

I think it's special because there haven't been all that many bugs with Windows NT 6.1 OSes (7 and R2). They seem to have less security issues than past Windows OSes, and are doing quite well compared to other OSes out.

However, this is Slashdot and the editors do not like Windows at all as evidenced by the broken Windows logo the Gates Borg logo and so on. They often go out of their way to find things wrong with Windows to post as front page news. Hence something like this makes the news since there hasn't been a whole lot of issues in Windows to report on. I mean note that they also had a story on an attack that could possibly allow you to fool an AV program, if you were already running code on the system and could determine on which core you ran on and did very precise timings (never mind that with code running on the system you could just turn the AV off).

Just standard fare for Slashdot. You see lots and lots of stories on Windows bugs, even when said bug is very trivial. However you only see a story on a Linux vulnerability if it is something extremely critical, like a 0 day that affects a lot of systems. Otherwise, there's little to nothing.

They are reporting the news that generally conforms to their idea of how things ought to be. Happens a lot, unfortunately.

Re:Yawn, (0)

Anonymous Coward | more than 3 years ago | (#32265226)

Note that while Linux OS' usually make bug information public, Microsoft OS; generally do not (hence the story a couple of days ago about how the government will be getting exploit information early). That's why it's news.
 
Also, I know it's cool to complain about Slashdot, but you really should know about the X button at the top left or right of your screen that will close the web browser. i know it's scary, the concept kind of shakes me up a little bit, but you could, you know, stop coming here if it really is bad enough to make you type a paragraph or three.

There is talk of useing GPU Computing in them and (1)

Joe The Dragon (967727) | more than 3 years ago | (#32264498)

There is talk of useing GPU Computing in them and will something like this make easier to hack them?

Anyone else catching the display driver name? (-1, Troll)

Anonymous Coward | more than 3 years ago | (#32264664)

Canonical

Could they have released a borked up driver named after the competition so that in time people looking into Ubuntu might recognize the name Canonical and associate it with something that "compromise the stability and security of PCs?"

Re:Anyone else catching the display driver name? (2, Funny)

GauteL (29207) | more than 3 years ago | (#32264764)

Canonical

Could they have released a borked up driver named after the competition so that in time people looking into Ubuntu might recognize the name Canonical and associate it with something that "compromise the stability and security of PCs?"

I think this post demonstrates a new level of paranoia when it comes to Microsoft.

Was this warning nesicary for microsoft? (1)

robow (1609129) | more than 3 years ago | (#32264688)

Before Microsoft issued this warning, how many people had found the flaw, and now that they have told the world about how many people know? Would it have not made more sense for them to silently patch the issue and not tell every person that has access to the internet? Or are they just covering their "six"?

Re:Was this warning nesicary for microsoft? (1)

Jeng (926980) | more than 3 years ago | (#32265042)

They just get it coming and going don't they?

Microsoft is not releasing information about their bugs, they are trying to hide them.

Microsoft is releasing information about their bugs, why are they doing this, they should not tell us about this and just fix it.

I guess its true what they say, you can't please everyone.

This has been happening to me for months (1)

PHPNerd (1039992) | more than 3 years ago | (#32264696)

My box will randomly crash. The screen wigs out and then the box reboots. It's not even a BSoD, the whole screen goes completely crazy for about 5 seconds before it reboots, and it occurs at totally random times. I have triple (probably quadruple at this point) checked that all hardware is compatible, all software is completely up-to-date, all drivers are up-to-date, and I have paid top-of-the-line antivirus software. I finally gave up and chalked it up to Win7 64-bit....looks like I was right.

Re:This has been happening to me for months (1)

fuzzyfuzzyfungus (1223518) | more than 3 years ago | (#32264832)

You might want to verify that you don't have a hardware problem there. Graphical corruption caused by software bugs is certainly far from unknown; but "screen wigs out, system dirt-naps" is classic dying GPU behavior. I saw it all the time when dealing with a batch of laptops with the NVIDIA GPU package fault issue.

Re:This has been happening to me for months (1)

Itninja (937614) | more than 3 years ago | (#32265010)

I would recommend you swap out some hardware, namely the graphics card. What you describe sounds less like a Windows issue and more like a graphics card issue (though I don't know what you mean by 'wigs out'). Get yourself a different graphics card and swap it out and see if the issue goes away. And honestly, who pays for AV on a non-corporate machine?

Re:This has been happening to me for months (1)

CAIMLAS (41445) | more than 3 years ago | (#32265170)

I have paid top-of-the-line antivirus software.

Well then. This is evidently your problem. :)

Windows 7 rox man... (0, Troll)

BigDeek (1805030) | more than 3 years ago | (#32264790)

Windoze 7 is the bomb... You gatta love this stuff.. If there was like 100 holes I would still use it because its Microsoft and Microsoft is a trusted name that you can depend on. Sure Bill Gates may be a money hungry whore but still... Microsoft still rules... Microsoft FTW!!!!

Remotely execute deez nuts. (1)

orsty3001 (1377575) | more than 3 years ago | (#32265158)

Almost every flaw with anything in Windows could allow a hacker to execute code remotely. What's the deal with that?
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...