MS10-043 – Critical: Vulnerability in Canonical Display Driver Could Allow Remote Code Execution (2032276)

Posted in TechNet on July 13th, 2010 by TechNet

Bulletin Severity Rating:Critical - This security update resolves a publicly disclosed vulnerability in the Canonical Display Driver (cdd.dll). Although it is possible that the vulnerability could allow code execution, successful code execution is unlikely due to memory randomization. In most scenarios, it is much more likely that an attacker who successfully exploited this vulnerability could cause the affected system to stop responding and automatically restart.

This entry was posted on Tuesday, July 13th, 2010 at 8:00 am and is filed under TechNet. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.

Comments are closed.

Search
Categories
- "Beverage" Cooling Contraption Contest (1)
- "End of Internet" (1)
- #nomorefreebugs (1)
- *canceled* Defcon Geo Challenge *canceled* (1)
- *canceled* Hack Fortress *canceled* (1)
- /dev/null (4)
- 0day (1)
- 10,000¢ Hacker Pyramid (4)
- 2.0 (1)
- ABE (2)
- activity (1)
- Administravia (2)
- aircraft (1)
- Airline Security (1)
- alextaylor (1)
- Amsterdam (1)
- announcement (1)
- Anonymity (1)
- app (2)
- App Security (2)
- Apple (2)
- applestore (2)
- Application Security (11)
- Arbor Networks (8)
- art (1)
- Art & Animation (2)
- article (7)
- Artwork Contest(s) (1)
- ATLAS (2)
- Attacks (1)
- authorreadings (1)
- avaya (1)
- Backdoor Hiding Contest (3)
- Badge Hacking Contest (10)
- ballroom (1)
- barbican (1)
- Be The Match Foundation – Bone Marrow Drive (3)
- bethnalgreen (1)
- Blog (22)
- Books (1)
- Botnets (4)
- bowroad (1)
- Breach (1)
- bruteforce (1)
- bruteforcing (2)
- Bugs (1)
- burp (7)
- burp intruder (2)
- business (12)
- camera (5)
- cameras (1)
- central (1)
- chambermusic (1)
- charingcross (1)
- charlesmartin (1)
- childrens (1)
- chisenhale (1)
- chisenhalegallery (1)
- classicalmusic (1)
- Clickjacking (1)
- Cloud Security (2)
- code (6)
- coldfusion (1)
- Columns – Haddix (1)
- Columns – Linn (6)
- Columns – Murray (1)
- Comedy (12)
- comedyvirgins (1)
- comics (1)
- command execution (1)
- commentary (1)
- Community Talk (24)
- Computer Components – Software / Internet (2)
- Computer Components – Video Cards (1)
- conferences (2)
- CONFidence (1)
- Cool Commercials (5)
- Crack Me If You Can (13)
- Crash and Compile (4)
- Crime (3)
- Critical Infrastructure (3)
- csrf (3)
- CSRF and Session Info (38)
- CTP : Capture the Packet (5)
- cups (1)
- CVE-2009-1151 (1)
- cyber warfare (1)
- Dance & Theatre (1)
- dannywallace (1)
- Dark Tangent's Tamper Evident Contest (2)
- Data Security (2)
- david (1)
- DC101 (7)
- DC18: Official and Unofficial Events and Contests (2)
- DC206 — Seattle, WA (1)
- DC207 — Auburn, ME (1)
- DC407 — Orlando, FL (2)
- DC713 — Houston, TX (1)
- DC801 — Salt Lake City, UT (2)
- DC815 — Rockford, IL (1)
- DC970-1 — Fort Collins, CO (1)
- ddos (1)
- deadbird (1)
- DEFCON 18 and Recovery (30)
- DEFCON 18 Planning (21)
- DEFCON 19 Planning (8)
- Defcon Shoot (12)
- Defcon Short Story contest (1)
- director (1)
- directory (1)
- Disclosure (1)
- discovery (1)
- distro (1)
- dnsmap (2)
- DoS (4)
- drawing (1)
- Drunken Banter (9)
- Dumbass (3)
- embedded (2)
- Entertainment (14)
- enumeration (1)
- eusecwest (1)
- event (3)
- Events (10)
- exhibition (1)
- Exhibitions (4)
- exploit (4)
- Facebook (1)
- Family (3)
- familyactivity (1)
- Featured Research (24)
- Features – /root (10)
- Features – Book Reviews (4)
- Features – Skillz (4)
- Festivals (1)
- Film (4)
- firefox (1)
- firmware (1)
- FlashGot (1)
- folk (1)
- Forum Meet (1)
- Forums (253)
  - Astalavista (253)
- franzferdinand (1)
- Freakshow Party and Related Events or Contests (1)
- free (7)
- freeevents (4)
- freefall (1)
- friday (1)
- Full Disclosure (43)
- fun (1)
- Funny (2)
- General Announcements (1)
- General News (4)
- gift card (1)
- giuliabacci (1)
- Google (4)
- Goon Band — Recognize (2)
- greateasternstreet (1)
- guinnessworldrecords (1)
- hack (1)
- hacker (1)
- Hacker Jeopardy (1)
- Hacker Karaoke (2)
- hacking (15)
- Hardware (2)
- Hardware Hacking Village (10)
- harryhill (1)
- harryhillstvburp (1)
- hitb (1)
- hitbsecconf (1)
- hmvoxfordstreet (1)
- How To (47)
- Hype Cycles (2)
- ID Theft (1)
- Identity and Access Management (9)
- Identity and Access Program Management (8)
- Identity Verification (6)
- IE (2)
- Infrastructure Protection (7)
- Insider Threat (1)
- Interesting Research (1)
- international (1)
- Internet (4)
- Internet service provider (1)
- Internet traffic (1)
- Intro (31)
- intuity (1)
- iphone (1)
- IPv6 (1)
- itunes (1)
- jazz (1)
- jeriko (1)
- kids (1)
- kissing (1)
- Knowledge (41)
  - SANSRR (35)
  - WebCasts (6)
- krakow (1)
- Legal Aspects (2)
- leicestersquare (2)
- Life (1)
- link (8)
- linksys (6)
- Linux (1)
- Literary (2)
- Local Meetings & Other Events (18)
- london (7)
- londonisfree (2)
- LosT @ Con Mystery Challenge (12)
- Magic Quadrants (3)
- Magic Quadrants and MarketScopes (27)
- magstripe (1)
- Malware (6)
- manipulation (1)
- Massage Table In Contest Room (2)
- mileend (1)
- Military (1)
- Mohawk-Con! (1)
- mount (1)
- movies (1)
- Mozilla (17)
- museum (1)
- Music (3)
- Music & Dance (1)
- nationalportraitgallery (1)
- network (1)
- Networking (2)
- New Ideas (2)
- News (19049)
  - CGI Security (96)
  - E-Week (12347)
  - Gartner (41)
  - ISC (1348)
  - Network World (4604)
  - SANS (135)
  - SANSNB (131)
  - Zone-H (19)
- News & Events (1)
- News – Latest (3)
- News Analysis (1)
- News and Links (20)
- Ninja Networks Badge and Events (5)
- nonsense (1)
- NoScript (13)
- npg (1)
- Obfuscation (90)
- obsessedabout (1)
- odeon (1)
- Official DEF CON DJs, Music, and Events (8)
- oldstreet (1)
- OMG Ponies (64)
- Open CTF (3)
- Other (4)
- outage (2)
- pagvac (5)
- Patches (1)
- PCB PWNage (2)
- peering (1)
- people (1)
- People & Stories (1)
- Pets & Animals (1)
- Photo/Image Discussion (2)
- photographeroftheyear (1)
- photography (1)
- phpMyAdmin (1)
- piccadillycircus (1)
- podcast (1)
- Podcasts (1)
- Politics (8)
- pop (1)
- premieres (1)
- privacy (9)
- programming (1)
- project (2)
- Projects (28)
- python (1)
- QueerCon (1)
- raf (1)
- Random Security (10)
- Recent Research (76)
- remote (1)
- research (1)
- Reverse Engineering (1)
- Ricketts Sniffing/Trivia Contest UNOFFICIAL (last minute addition) (2)
- Ride and Room Sharing (30)
- Robots/Spiders/CAPTCHAs, oh my (2)
- SCADA Security (1)
- scanners (2)
- Scavenger Hunt (8)
- Science & Tech (29)
- Search Engine Hacking and SEO (1)
- security (15)
- Security Briefing (6)
- security scanner (1)
- Security Tools (438)
- secwest (1)
- SEO/SEM (1)
- shirley (1)
- shoreditch (1)
- simonmartin (1)
- simonmassey (1)
- skills (1)
- skins (1)
- skydive (1)
- Skytalks (2)
- slides (1)
- social engineering (1)
- Social Media (1)
- soho (1)
- Spotlights (20)
- SQL (1)
- SQL and Code Injection (233)
- SSL (1)
- standup (1)
- stream (1)
- subdmain (1)
- subdomain (1)
- sweatshop (1)
- swimming (1)
- Tech (1)
- technology (144)
- teddington (1)
- The Basics (26)
- The Summit (2)
- thefoundry (1)
- thick clients (1)
- titanic (1)
- tool (1)
- Tools (632)
- Toxic BBQ (3)
- trafalgarsquare (2)
- training (1)
- Travel & Outdoors (1)
- traversal (1)
- Trojan Horses (1)
- TV & Radio Recordings (2)
- tvradiorecording (1)
- twilight (1)
- twitter (1)
- Twitter Hunt (4)
- Uncategorized (8280)
- update (1)
- updates (1)
- us (12)
- V13P (14)
- Value Added News Discussion (7)
- Vendor News (1)
- Vendor Ratings (2)
- Vendor Talk (1)
- victoriapark (1)
- video (13)
- Video Games (20)
- Vitals – EH-Net News (15)
- vulnerabilities (9197)
  - debian (181)
  - SANS (958)
  - Secunia (1250)
  - SecurityFocus (6578)
  - TechNet (173)
  - US-CERT (57)
- vulnerability (10)
- Wall of Sheep (2)
- war (1)
- watchmen (1)
- web (1)
- web application (1)
- web application security scanner (1)
- Web Security (1)
- web2.0 (2)
- Webappsec (32)
- Wheels & Wings (3)
- windows (1)
- Wireless Security (30)
- XSS (7)
- XSS Info (44)
- YouTube (2)
Recent Posts
Noise
.net apache application architecture asp astalavista blackberry code cve defcon encryption enterprise exploit fedora forums gartner iis kernel Knowledge linux microsoft News password patch php privacy samba sans security smtp solaris sql ssh sun Tools ubuntu unix vulnerabilities vulnerability web webcasts whitepapers windows XSS

The Glider

MS10-043 – Critical: Vulnerability in Canonical Display Driver Could Allow Remote Code Execution (2032276)

Search

Categories

Recent Posts

Noise